Andrey Turkin wrote:
On Sunday 04 July 2010 22:31:49 Dan Kegel wrote:
the Makefile has:
EXTRADLLFLAGS = -Wb,-F,KERNEL32.dll -Wl,--image-base,0x7b800000
Is there a good reason for this? Otherwise, this opens a security
vulnerability in Wine that does not exist in Windows....
This is the way Windows worked before Vista.
(Does Vista actually randomize where even ntdll is?)
BTW our CreateRemoteThread conformance test checks whether
the module has been loaded at a different address, and skips if it
has...
http://www.nynaeve.net/?p=198 has a pretty good explanation of why certain DLLs
must be loaded at the same address; one example of why Wine should care is to satisfy
programs injecting code into different processes.
Code injection is considered a vulnerability if 'bad' code cannot be
detected. I don't know if Windows does this or not....
However, if this is displayed functionality with Windows, we should
duplicate it....
James McKenzie