Some random discoveries I made recently:
Access denied: File in use
On Windows 2000/XP, it's possible to move or rename a file that is in use. Quite handy when you have a running process that needs to replace (upgrade) itself: rename the running process, put the new file in place and make the process restart itself.
XBM images
One of the security measurements Microsoft made in the Internet Explorer version that's included in Windows XP SP2, is that XBM images are blocked by default. If you don't know what these are: it's a piece of C code that renders to an image. For example:
#define test_width 16
#define test_height 16
static unsigned char test_bits[] = {
0xff, 0xff, 0x01, 0x80, 0xfd, 0xbf, 0x05, 0xa0, 0xf5, 0xaf, 0x15, 0xa8,
0xd5, 0xab, 0x55, 0xaa, 0x55, 0xaa, 0xd5, 0xab, 0x15, 0xa8, 0xf5, 0xaf,
0x05, 0xa0, 0xfd, 0xbf, 0x01, 0x80, 0xff, 0xff};What's cool about the format is that you can generate the code from javascript and then assign it to an image, like Wolfenstein 5K used to do. Besides this one example, the only place the format appears to be used is a chinese bank, judging from the amount of Google hits for BlockXBM, the registry entry though which the XBM blocking can be circumventend.
Anyway: it's funny to see how at the time when Wolf5K was written, only Internet Explorer had support for XBM, while Mozilla/Firefox did not. This situation is now reversed: Firefox now renders XBM images (I guess some developers wanted to play Wolf5K) while Internet Explorer blocks them because of security concerns.
The blocking by IE makes sense, in my opinion. I wouldn't want my browser to execute random C code either.
Posted by karma at 20:26:44. Filed under: Other Programming
Comments
Add Comment