19 May
2008
19 May
'08
8:11 a.m.
If GetWindowsDirectory fails, you have much worse issues to worry
about than executable redirection.
Also note that regedt32.exe is usually in the system32 directory, so
how is this a security/redirection issue exactly?
This implies someone would have to:
1) Give you a malware regedit.exe in directory foo
2) Give you the legitimate regedt32.exe in directory foo
3) Somehow convince you to:
3.1) Use regedt32 instead of regedit (few people even know this tool)
3.2) Launch regedt32 from this "foo" directory instead of using
start/run regedt32
The issue you're looking for just doesn't exist.
2008/5/19 FENG Yu Ning <fengyuning1984(a)gmail.com>om>:
On Sun, May 18, 2008 at 7:28 PM, Alex Ionescu
<ionucu(a)videotron.ca> wrote:
--
Best regards,
Alex Ionescu
--
Best regards,
Alex Ionescu
Last nitpick: if you can't get the windows directory, just
ShellExecute "regedit.exe" directly, as the code originally did --
this is the behavior on Windows, fyi.
Though it is the behavior on Windows, it is a bad thing, IMHO. There are
already too many little viruses who pretend to be a system executable, say,
explorer.exe, and they are placed in a (sub)directory of the windows
directory to be shell executed. If we can't get the windows direcoty, we
should let the user know, and give them the chance to fix it, instead of
blindly execute anything.
I used to suffer from those, and they were really annoying. Please consider
being different from Windows in this and similar issues.
MHO.
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev