DOCSLIB.ORG

The OS/2 Warp 4 CID Software Distribution Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The OS/2 Warp 4 CID Software Distribution Guide SG24-2010-00 International Technical Support Organization The OS/2 Warp 4 CID Software Distribution Guide January 1998 Take Note! Before using this information and the product it supports, be sure to read the general information in Appendix D, “Special Notices” on page 513. First Edition (January 1998) This edition applies to OS/2 Warp 4 in a software distribution environment and to NetView Distribution Manager/2 (NVDM/2) with Database 2 (DB2) Version 2.11 for OS/2 and Tivoli TME 10 Software Distribution 3.1.3 for OS/2 (SD4OS2) software distribution managers. This edition also applies to OS/2 Warp 4 subcomponents, such as TCP/IP 4.0, MPTS, NetFinity 4.0, Peer Services, and LAN Distance, and to OS/2- related products, such as eNetwork Personal Communications for OS/2 Warp, eNetwork Communications Server for OS/2 Warp, Transaction Server, Lotus Notes, and Lotus SmartStuite 96 for OS/2 Warp. Comments may be addressed to: IBM Corporation, International Technical Support Organization Dept. DHHB Building 045 Internal Zip 2834 11400 Burnet Road Austin, Texas 78758-3493 When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you. © Copyright International Business Machines Corporation 1998. All rights reserved Note to U.S Government Users – Documentation related to restricted rights – Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp. Contents Figures. .xiii Tables. xvii Preface. .xix How This Redbook in Organized . xix The Team That Wrote This Redbook . xxi Comments Welcome . xxiii Redbooks Online . xxiii Part 1. Common Information . 1 Chapter 1. Software Distribution Made Simple. 3 1.1 Standard Installation Method . 3 1.2 Installation by Replication. 5 1.3 CID-Enabled Installation. 6 1.4 CID Concepts and Terminology . 8 1.4.1 Response Files. 8 1.4.2 Redirected Installation (Redirected I/O or Drives) . 10 1.4.3 Software Distribution Manager . 11 1.4.4 Logging facilities. 13 1.5 Installation Modes . 13 1.5.1 Attended Installation . 13 1.5.2 Lightly Attended Installation . 14 1.5.3 Unattended Installation. 15 1.5.4 Clarification . 15 1.5.5 Summary . 16 1.6 Code Server Setup. 17 1.6.1 Server Types . 17 1.6.2 CID Structure . 17 Chapter 2. Introducing Software Distribution Managers . 21 2.1 LAN CID Utility . 21 2.1.1 LAPS/MPTS Versions. 23 2.2 NetView Distribution Manager/2 . 24 2.3 TME 10 Software Distribution 3.1.3 for OS/2 . 25 2.4 Single-Server Software Distribution Network . 27 2.5 Positioning LCU, NetView DM/2 and TME 10 SD 3.1.3 - Summary. 33 2.6 Overview of Software Distribution Managers . 34 © Copyright IBM Corp. 1998 iii Chapter 3. OS/2 Warp 4 - Installation Steps Local Install. 39 3.1 Installation Diskettes . 39 3.2 Local Install Phase 1 . 40 3.3 Local Install Phase 2 . 44 3.4 Local Install Phase 3 . 53 3.5 The Installation Directory Structure . 56 3.6 The Local Install Key Files . 58 3.6.1 The INSTALL.EXE Executable (\OS2\INSTALL) . 58 3.6.2 The CASAGENT.EXE Executable (\CID\LOCINSTU) . 58 3.6.3 The LOCAL.CMD Command File (\IBMINST\RSP\LOCAL) . 58 3.6.4 The NPCONFIG.EXE Executable (\IBMINST). 59 3.6.5 The Response Files (\IBMINST\RSP\LOCAL). 59 3.7 FixPak Installation . 61 3.7.1 The SERVICE Command . 63 3.7.2 The FSERVICE Command . 65 3.7.3 Sample ServicePak/FixPak Response File . 67 3.7.4 Enhanced ServicePak/FixPak Response Files . 67 3.7.5 Logging Information . 70 3.7.6 Interrupted Service . 71 3.7.7 CSF Response File Keywords . 71 Chapter 4. Utilities to Ease Remote Installation . 75 4.1 Loading OS/2 CID Utilities to the Code Server . 76 4.2 Unpacking the OS/2 Warp 4 CID Utilities . 77 4.3 The GETOSCID Command. 78 4.4 The SEDISK Command . 79 4.4.1 SEDISK Return Codes . 80 4.5 The SEIMAGE Command. 81 4.5.1 SEIMAGE Return Codes. 82 4.6 The SEINST Command . 82 4.6.1 SEINST and SEMAINT Return Codes. 84 4.6.2 RSPINST Return Codes . 84 4.7 Display Driver Install . 89 4.7.1 Matrox Millenium Driver Installation for IBM PC 350 . 92 4.8 Necessary Utilities for LAN CID Utility (LCU) . 96 4.8.1 The GETBOOT Command . 96 4.8.2 The GETREXX Command . 96 4.9 The SrvIFS Utility . 98 4.9.1 The THINSRV Command . 99 4.9.2 The THINIFS Command . 101 4.9.3 The IFSDEL Command. 106 4.10 LAN CID Utility (LCU) . 106 4.10.1 The CASINSTL Command . 107 iv The OS/2 Warp 4 CID Software Distribution Guide 4.10.2 The CASAGENT Command . 110 4.10.3 The CASCKREX Command . 111 4.10.4 The CASDELET Command. 112 4.11 MPTS Utilities. 112 4.11.1 The THINLAPS Command . 112 4.12 NetView DM/2: The NVDMBDSK Utility . 118 4.13 General CID Return Codes. 120 4.14 Desktop Shuffler. 121 4.14.1 Example of the SHUF_CTL.INI Control File . 122 4.14.2 The Working Control and Keywords Files . 125 4.15 Remote Multiple Printer Support. 131 4.15.1 Remote Printer Install (RINSTPRN) . 131 4.15.2 The RINSPRN Command . 131 4.15.3 Remote Printer Install Response File Keywords . 136 4.15.4 RINSTPRN Response File Configurator RINSTCFG. 143 4.15.5 Backing Up and Restoring Printer and Job Properties. 147 4.15.6 Holding or Releasing a Queue . 149 4.16 Software Installer . 150 4.16.1 Parameter Definitions . 151 4.16.2 Product Database File . 152 4.16.3 Installation Scenario . 152 4.17 ASD - Alternative Software Delivery . 154 4.17.1 ASD-Allowed and ASD-PreReq Service and Support Issues. 156 4.17.2 ASD Requirements . ..
Load more

Recommended publications
  • Configuring UNIX-Specific Settings: Creating Symbolic Links : Snap
    Configuring UNIX-specific settings: Creating symbolic links Snap Creator Framework NetApp September 23, 2021 This PDF was generated from https://docs.netapp.com/us-en/snap-creator- framework/installation/task_creating_symbolic_links_for_domino_plug_in_on_linux_and_solaris_hosts.ht ml on September 23, 2021. Always check docs.netapp.com for the latest. Table of Contents Configuring UNIX-specific settings: Creating symbolic links . 1 Creating symbolic links for the Domino plug-in on Linux and Solaris hosts. 1 Creating symbolic links for the Domino plug-in on AIX hosts. 2 Configuring UNIX-specific settings: Creating symbolic links If you are going to install the Snap Creator Agent on a UNIX operating system (AIX, Linux, and Solaris), for the IBM Domino plug-in to work properly, three symbolic links (symlinks) must be created to link to Domino’s shared object files. Installation procedures vary slightly depending on the operating system. Refer to the appropriate procedure for your operating system. Domino does not support the HP-UX operating system. Creating symbolic links for the Domino plug-in on Linux and Solaris hosts You need to perform this procedure if you want to create symbolic links for the Domino plug-in on Linux and Solaris hosts. You should not copy and paste commands directly from this document; errors (such as incorrectly transferred characters caused by line breaks and hard returns) might result. Copy and paste the commands into a text editor, verify the commands, and then enter them in the CLI console. The paths provided in the following steps refer to the 32-bit systems; 64-bit systems must create simlinks to /usr/lib64 instead of /usr/lib.
    [Show full text]
  • Mac Keyboard Shortcuts Cut, Copy, Paste, and Other Common Shortcuts
    Mac keyboard shortcuts By pressing a combination of keys, you can do things that normally need a mouse, trackpad, or other input device. To use a keyboard shortcut, hold down one or more modifier keys while pressing the last key of the shortcut. For example, to use the shortcut Command-C (copy), hold down Command, press C, then release both keys. Mac menus and keyboards often use symbols for certain keys, including the modifier keys: Command ⌘ Option ⌥ Caps Lock ⇪ Shift ⇧ Control ⌃ Fn If you're using a keyboard made for Windows PCs, use the Alt key instead of Option, and the Windows logo key instead of Command. Some Mac keyboards and shortcuts use special keys in the top row, which include icons for volume, display brightness, and other functions. Press the icon key to perform that function, or combine it with the Fn key to use it as an F1, F2, F3, or other standard function key. To learn more shortcuts, check the menus of the app you're using. Every app can have its own shortcuts, and shortcuts that work in one app may not work in another. Cut, copy, paste, and other common shortcuts Shortcut Description Command-X Cut: Remove the selected item and copy it to the Clipboard. Command-C Copy the selected item to the Clipboard. This also works for files in the Finder. Command-V Paste the contents of the Clipboard into the current document or app. This also works for files in the Finder. Command-Z Undo the previous command. You can then press Command-Shift-Z to Redo, reversing the undo command.
    [Show full text]
  • Powershell Integration with Vmware View 5.0
    PowerShell Integration with VMware® View™ 5.0 TECHNICAL WHITE PAPER PowerShell Integration with VMware View 5.0 Table of Contents Introduction . 3 VMware View. 3 Windows PowerShell . 3 Architecture . 4 Cmdlet dll. 4 Communication with Broker . 4 VMware View PowerCLI Integration . 5 VMware View PowerCLI Prerequisites . 5 Using VMware View PowerCLI . 5 VMware View PowerCLI cmdlets . 6 vSphere PowerCLI Integration . 7 Examples of VMware View PowerCLI and VMware vSphere PowerCLI Integration . 7 Passing VMs from Get-VM to VMware View PowerCLI cmdlets . 7 Registering a vCenter Server . .. 7 Using Other VMware vSphere Objects . 7 Advanced Usage . 7 Integrating VMware View PowerCLI into Your Own Scripts . 8 Scheduling PowerShell Scripts . 8 Workflow with VMware View PowerCLI and VMware vSphere PowerCLI . 9 Sample Scripts . 10 Add or Remove Datastores in Automatic Pools . 10 Add or Remove Virtual Machines . 11 Inventory Path Manipulation . 15 Poll Pool Usage . 16 Basic Troubleshooting . 18 About the Authors . 18 TECHNICAL WHITE PAPER / 2 PowerShell Integration with VMware View 5.0 Introduction VMware View VMware® View™ is a best-in-class enterprise desktop virtualization platform. VMware View separates the personal desktop environment from the physical system by moving desktops to a datacenter, where users can access them using a client-server computing model. VMware View delivers a rich set of features required for any enterprise deployment by providing a robust platform for hosting virtual desktops from VMware vSphere™. Windows PowerShell Windows PowerShell is Microsoft’s command line shell and scripting language. PowerShell is built on the Microsoft .NET Framework and helps in system administration. By providing full access to COM (Component Object Model) and WMI (Windows Management Instrumentation), PowerShell enables administrators to perform administrative tasks on both local and remote Windows systems.
    [Show full text]
  • Managing Files with Sterling Connect:Direct File Agent 1.4.0.1
    Managing Files with Sterling Connect:Direct File Agent 1.4.0.1 IBM Contents Managing Files with Sterling Connect:Direct File Agent.......................................... 1 Sterling Connect:Direct File Agent Overview.............................................................................................. 1 How to Run Sterling Connect:Direct File Agent.......................................................................................... 2 Sterling Connect:Direct File Agent Logging.................................................................................................3 Sterling Connect:Direct File Agent Configuration Planning........................................................................ 3 Sterling Connect:Direct File Agent Worksheet ...........................................................................................4 Considerations for a Large Number of Watch Directories.......................................................................... 6 Modifying MaxFileSize............................................................................................................................ 6 Modifying MaxBackupIndex...................................................................................................................6 Considerations for a Large Number of Files in a Watch Directory..............................................................7 Sterling Connect:Direct File Agent Configuration Scenarios...................................................................... 7 Scenario:Detecting
    [Show full text]
  • Where Do You Want to Go Today? Escalating
    Where Do You Want to Go Today? ∗ Escalating Privileges by Pathname Manipulation Suresh Chari Shai Halevi Wietse Venema IBM T.J. Watson Research Center, Hawthorne, New York, USA Abstract 1. Introduction We analyze filename-based privilege escalation attacks, In this work we take another look at the problem of where an attacker creates filesystem links, thereby “trick- privilege escalation via manipulation of filesystem names. ing” a victim program into opening unintended files. Historically, attention has focused on attacks against priv- We develop primitives for a POSIX environment, provid- ileged processes that open files in directories that are ing assurance that files in “safe directories” (such as writable by an attacker. One classical example is email /etc/passwd) cannot be opened by looking up a file by delivery in the UNIX environment (e.g., [9]). Here, an “unsafe pathname” (such as a pathname that resolves the mail-delivery directory (e.g., /var/mail) is often through a symbolic link in a world-writable directory). In group or world writable. An adversarial user may use today's UNIX systems, solutions to this problem are typ- its write permission to create a hard link or symlink at ically built into (some) applications and use application- /var/mail/root that resolves to /etc/passwd. A specific knowledge about (un)safety of certain directories. simple-minded mail-delivery program that appends mail to In contrast, we seek solutions that can be implemented in the file /var/mail/root can have disastrous implica- the filesystem itself (or a library on top of it), thus providing tions for system security.
    [Show full text]
  • An Overview of the Jumplist Configuration File in Windows 7
    Journal of Digital Forensics, Security and Law Volume 7 Number 1 Article 2 2012 An Overview of the Jumplist Configuration File in Windows 7 Harjinder S. Lallie University of Warwick, Coventry Parmjit S. Bains University of Derby, School of Computing and Mathematics Follow this and additional works at: https://commons.erau.edu/jdfsl Part of the Computer Engineering Commons, Computer Law Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, and the Information Security Commons Recommended Citation Lallie, Harjinder S. and Bains, Parmjit S. (2012) "An Overview of the Jumplist Configuration File in Windows 7," Journal of Digital Forensics, Security and Law: Vol. 7 : No. 1 , Article 2. DOI: https://doi.org/10.15394/jdfsl.2012.1110 Available at: https://commons.erau.edu/jdfsl/vol7/iss1/2 This Article is brought to you for free and open access by the Journals at Scholarly Commons. It has been accepted for inclusion in Journal of Digital Forensics, Security and Law by an authorized administrator of (c)ADFSL Scholarly Commons. For more information, please contact [email protected]. Journal of Digital Forensics, Security and Law, Vol. 7(1) An Overview of the Jumplist Configuration File in Windows 7 Harjinder Singh Lalli University of Warwick, International Digital Laboratory (WMG), University of Warwick, Coventry, CV4 7AL, UK; [email protected] Parmjit Singh Bains University of Derby, School of Computing and Mathematics, Kedleston Road, Derby, DE22 1GB, UK; [email protected] ABSTRACT The introduction of Jumplists in Windows 7 was an important feature from a forensic examiners viewpoint. Jumplist configuration files can provide the examiner with a wealth of information relating to file access and in particular: dates/times, Volume GUIDs and unique file object IDs relating to those files.
    [Show full text]
  • Filesystem Hierarchy Standard
    Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Version 3.0 Publication date March 19, 2015 Copyright © 2015 The Linux Foundation Copyright © 1994-2004 Daniel Quinlan Copyright © 2001-2004 Paul 'Rusty' Russell Copyright © 2003-2004 Christopher Yeoh Abstract This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Dedication This release is dedicated to the memory of Christopher Yeoh, a long-time friend and colleague, and one of the original editors of the FHS.
    [Show full text]
  • (12) Patent Application Publication (10) Pub. No.: US 2008/0103921 A1 CELLA Et Al
    US 20080 103921A1 (19) United States (12) Patent Application Publication (10) Pub. No.: US 2008/0103921 A1 CELLA et al. (43) Pub. Date: May 1, 2008 (54) CONTINGENCY-BASED OPTIONS AND (60) Provisional application No. 60/137,310, filed on Jun. FUTURES FOR CONTINGENT TRAVEL 3, 1999. ACCOMMODATIONS Publication Classification (76) Inventors: Charles H. CELLA, Pembroke, MA (US); Edward J. KELLY, Wellesley, (51) Int. Cl. MA (US); Matthew P. VINCENT, G06Q 30/00 (2006.01) Georgetown, MA (US) (52) U.S. Cl. ................................................................ 705/26 Correspondence Address: STRATEGIC PATENTS P.C.. (57) ABSTRACT CFO PORTFOLIOP P.O. BOX S2OSO MINNEAPOLIS, MN 55402 (US) Disclosed herein is a system for allowing a remote user to purchase, over a distributed computer network (e.g., the (21) Appl. No.: 11/875,368 Internet), an option for a ticket and/or accommodations for a contingent event', e.g., an event which is certain to occur (22) Filed: Oct. 19, 2007 but for which the participants, content and/or location(s) are Related U.S. Application Data not predetermined. For instance, the Subject system can be used to sell options for the purchase of tickets to such (63) Continuation of application No. 09/586,723, filed on contingent events such as playoff games on the basis of what Jun. 5, 2000. teams qualify, or all-star game. 282 Y 294 292 HOTEL DINING 290 TRANSPORTATION 288 284 3O4 TICKET OTHER GOODS RENTAL LOCAL CAR ATTRACTIONS OTHER SERVICES Patent Application Publication May 1, 2008 Sheet 1 of 10 US 2008/O103921 A1 to 1 O2 1 O2 1 O2 BUYER BUYER BUYER N7 10 HOST PROVIDER > 104 108 Fig.
    [Show full text]
  • Learning the Vi Editor
    Learning the vi Editor en.wikibooks.org December 29, 2013 On the 28th of April 2012 the contents of the English as well as German Wikibooks and Wikipedia projects were licensed under Creative Commons Attribution-ShareAlike 3.0 Unported license. A URI to this license is given in the list of figures on page 103. If this document is a derived work from the contents of one of these projects and the content was still licensed by the project under this license at the time of derivation this document has to be licensed under the same, a similar or a compatible license, as stated in section 4b of the license. The list of contributors is included in chapter Contributors on page 101. The licenses GPL, LGPL and GFDL are included in chapter Licenses on page 107, since this book and/or parts of it may or may not be licensed under one or more of these licenses, and thus require inclusion of these licenses. The licenses of the figures are given in the list of figures on page 103. This PDF was generated by the LATEX typesetting software. The LATEX source code is included as an attachment (source.7z.txt) in this PDF file. To extract the source from the PDF file, you can use the pdfdetach tool including in the poppler suite, or the http://www. pdflabs.com/tools/pdftk-the-pdf-toolkit/ utility. Some PDF viewers may also let you save the attachment to a file. After extracting it from the PDF file you have to rename it to source.7z.
    [Show full text]
  • An Incremental Path Towards a Safer OS Kernel
    An Incremental Path Towards a Safer OS Kernel Jialin Li Samantha Miller Danyang Zhuo University of Washington University of Washington Duke University Ang Chen Jon Howell Thomas Anderson Rice University VMware Research University of Washington LoC Abstract Incremental Progress Tens of Linux Safe Linux Linux has become the de-facto operating system of our age, Millions FreeBSD but its vulnerabilities are a constant threat to service availabil- Hundreds of Singularity ity, user privacy, and data integrity. While one might scrap Thousands Biscuit Linux and start over, the cost of that would be prohibitive due Theseus Thousands RedLeaf seL4 to Linux’s ubiquitous deployment. In this paper, we propose Hyperkernel Safety an alternative, incremental route to a safer Linux through No Type Ownership Functional proper modularization and gradual replacement module by Guarantees Safety Safety Verification module. We lay out the research challenges and potential Figure 1: Our vision and the current state of systems. solutions for this route, and discuss the open questions ahead. security vulnerabilities are reported each year, and lifetime CCS Concepts analysis suggests that the new code added this year has intro- duced tens of thousands of more bugs. ! • Software and its engineering Software verification; While operating systems are far from the only source of se- ! • Computer systems organization Reliability. curity vulnerabilities, it is hard to envision building trustwor- Keywords thy computer systems without addressing operating system correctness. kernel safety, verified systems, reliable systems One attractive option is to scrap Linux and start over. Many ACM Reference Format: past works focus on building more secure and correct op- Jialin Li, Samantha Miller, Danyang Zhuo, Ang Chen, Jon Howell, erating systems from the ground up: ones based on strong and Thomas Anderson.
    [Show full text]
  • Filesystem Hierarchy Standard
    Filesystem Hierarchy Standard Filesystem Hierarchy Standard Group Edited by Rusty Russell Daniel Quinlan Filesystem Hierarchy Standard by Filesystem Hierarchy Standard Group Edited by Rusty Russell and Daniel Quinlan Published November 4 2003 Copyright © 1994-2003 Daniel Quinlan Copyright © 2001-2003 Paul ’Rusty’ Russell Copyright © 2003 Christopher Yeoh This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Table of Contents 1. Introduction........................................................................................................................................................1 1.1.
    [Show full text]
  • The Linux Kernel Hidden Inside Windows 10
    GAINING VISIBILITY INTO LINUX BINARIES ON WINDOWS: DEFEND AND UNDERSTAND WSL BLUEHAT 2016 ALEX IONESCU @AIONESCU BIO Vice President of EDR Strategy at CrowdStrike, a security startup Previously worked at Apple on iOS Core Platform Team Co-author of Windows Internals 5th, 6th and now 7th Edition Reverse engineering NT since 2000 – lead kernel developer on ReactOS Project Instructor of worldwide Windows Internals classes Conference speaking: • BlueHat 2016, Infiltrate 2015 • Blackhat 2016, 2015, 2013, 2008 • SyScan 2015-2012, NoSuchCon 2014-2013, Breakpoint 2012 • Recon 2016-2010, 2006 For more info, see www.alex-ionescu.com and www.windows-internals.com INTRODUCTION • I have been analyzing WSL since its first inception as “Astoria” and “Arcadia” • Based on Microsoft Research “DrawBridge” Project • Achieved arbitrary ELF binary execution in January 2016 – no WSL installed (Redstone 1 Preview) • Discovered multiple design issues that would allow malicious users to abuse/exploit the subsystem • Presented at BlackHat 2016 after most of the issues had been fixed in Anniversary Update • “Optionality” of subsystem was now enforced (driver no longer present by default at boot) • Protected Process boundary added to driver/subsystem, and Pico processes are isolated too • Some visibility issues addressed (SeLocateProcessImageName no longer returns NULL, for example) • Many more visibility issues exist • New challenges and features which can negatively impact security are coming in Redstone 2 • Aka RS2 aka “Creator’s Update” aka 1703 DESIGN ISSUES
    [Show full text]