In Windows Vista, especially with Aero Glass, there is a compositor for windows, the Desktop Window Manager (http://en.wikipedia.org/wiki/Desktop_Window_Manager). Since this compositor runs in user space, any application can interfere with it without asking for privilege elevation. What can be done about a suspension of the window manager, after which Vista becomes completely unusable?
Why a compositor for windows?
Whether it is Quartz, xcompmgr, Compiz, Beryl or DWM, modern operating systems are choosing to incorporate a compositor rather than just a window manager. The reason?
A compositor allows effects in two or three dimensions, clean graphics, shadows and a few features (such as showing a window remotely on another computer) that would be unthinkable otherwise.
Of course, all that wonder has a cost. The good thing is that current graphics cards usually do all the work.
What happens then with Vista's compositor?
Windows Vista's compositor (the Desktop Window Manager, dwm.exe) is managed through the UxSms service (Desktop Window Manager Session Manager), which, among other functions, monitors it constantly in order to relaunch it in case of problems.
So this compositor runs without administrator privileges, receiving messages from different system components and generating the graphical output. Since it does not run with higher privileges, we can apply certain administrative actions to it, for example suspending it with Process Explorer:
Without the compositor we are nothing... or almost nothing
Even in the versions of Vista without the graphical effects, the compositor is vital.
Although it does not compose what we see, applications, including explorer.exe, send it messages and wait for its response (which is also necessary for other functions such as Remote Desktop).
So if we suspend it, our system always ends up completely unusable (although to a lesser degree with the classic interface, or with the so-called Aero Basic).
The secure desktop
Probably the most annoying thing you will notice is that at every User Account Control prompt in Vista the screen darkens and the dialog is displayed without the Aero Glass style.
There is a reason for this: Windows takes a snapshot of your desktop and switches to a desktop belonging to the SYSTEM account (the secure desktop). Applications running in the user's session can never alter this desktop (control your mouse or keyboard, or see your screen).
On the security screen (the same one used to log on to the computer) there is an icon that shows the accessibility options:
After a couple of tweaks, we can reinterpret that button's metaphor as analysis functions, as in the button below:
All we have to do for that is replace the original utility that this button executes (Utilman.exe) with Task Manager. And in fact, it works perfectly:
Windows completely violated
Not all this power is good. Running Task Manager on the secure desktop under the Windows SYSTEM account is an extremely dangerous thing.
The SYSTEM account has every privilege imaginable. Such power would even allow us to terminate the very process that handles the logon (LogonUI.exe) and other vital ones.
In addition, as SYSTEM is not really an account designed to be interactive, it is undesirable to do things that require a file browser, such as explorer.exe, because its profile would have to be prepared for a first run.
So with this much power it is necessary to protect our machine. Any user could take control of our computer without even having an account with administrative privileges, or any account at all, just by opening Task Manager from the logon screen without ever logging on.
With great power comes great responsibility
We need to build a kind of bypass with password protection. As a first approximation we have something like this:
The application we are replacing (Utilman.exe) is the one responsible for launching all the accessibility applications. It is important not to lose this capability, so we can detect when our application is executed from the SYSTEM account:
and simply redirect its parameters to the accessibility applications manager, just as it was in the beginning:
This creates an invisible layer: everything keeps working as before, and in addition we have access to our task manager from the security screen.
As a detail, it should be noted that the password is stored encrypted in the application's XML settings file, using the cryptography that the CLR provides:
Additionally, our little application can be set up through the configuration file provided. We could thus change the applications that get executed, or the default key.
Of course, it should include a mechanism to change the password easily without having to edit the configuration file (where it is stored encrypted):
Only one instance
A desirable feature is that there are never multiple instances of this application.
There are many ways to accomplish this, but recalling a bit of my OS courses, I used a Mutex managed by the operating system:
And what if the operating system cannot create a Mutex with that name? Then the instance variable remains False, and so:
So we kill all the other processes (although this may not happen) and give the focus to the first process we find that is identical to ours.
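The following is an added example, not the code from the original post: a complete Utilman.exe replacement that puts together the three pieces described above (detecting whether it was launched as SYSTEM and otherwise forwarding the arguments to the renamed original, checking a password kept in an XML settings file, and enforcing a single instance with a named Mutex). It assumes the original utility was renamed to _utilman.exe in the system directory, that the settings live in a file named bypass.config beside the executable, that the mutex name "Global\UtilmanBypass" is free, and that "--setpassword" is a hypothetical switch for changing the password. One deliberate deviation from the post: instead of an encrypted (reversible) password it stores a salted PBKDF2 hash, because a file in System32 is readable by every local user and a DPAPI blob protected with LocalMachine scope (the only scope SYSTEM could decrypt after an administrator wrote it) can be decrypted by any process on the machine.

```csharp
// Added example, not the post's own code: a password-gated replacement for Utilman.exe.
// Assumptions: the original was renamed _utilman.exe in the system directory, settings
// are kept in bypass.config beside this exe, and "--setpassword" is a hypothetical switch.
using System;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Threading;
using System.Xml.Linq;

static class UtilmanBypass
{
    const string MutexName = @"Global\UtilmanBypass";   // assumed mutex name
    static readonly string ConfigPath =
        Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "bypass.config");

    [DllImport("user32.dll")] static extern bool SetForegroundWindow(IntPtr hWnd);

    static void Main(string[] args)
    {
        bool createdNew;   // false when another instance already owns the named mutex
        using (new Mutex(true, MutexName, out createdNew))
            if (createdNew) Run(args); else FocusFirstInstance();
    }

    static void Run(string[] args)
    {
        XDocument cfg = LoadConfig();
        string original = Path.Combine(Environment.SystemDirectory, cfg.Root.Element("original").Value);
        string tool = Path.Combine(Environment.SystemDirectory, cfg.Root.Element("tool").Value);

        // Password change: the config sits in System32, so the save fails for non-administrators.
        if (args.Length == 2 && args[0] == "--setpassword") { StorePassword(cfg, args[1]); return; }

        // Any caller other than LocalSystem (winlogon on the secure desktop) is an
        // ordinary accessibility request: hand it to the real Utilman unchanged.
        if (!RunningAsSystem()) { Forward(original, args); return; }

        Console.Write("Password: ");   // a real build shows a dialog; ReadLine stands in here
        if (VerifyPassword(cfg, Console.ReadLine() ?? ""))
            Process.Start(tool);        // inherits the SYSTEM token and the winlogon desktop
        else
            Forward(original, args);    // wrong or empty password: behave exactly like Utilman
    }

    static bool RunningAsSystem()
    {
        SecurityIdentifier sid = WindowsIdentity.GetCurrent().User;
        return sid != null && sid.IsWellKnown(WellKnownSidType.LocalSystemSid);
    }

    static XDocument LoadConfig()   // hypothetical layout: original, tool, salt, hash
    {
        return File.Exists(ConfigPath) ? XDocument.Load(ConfigPath) : new XDocument(new XElement("settings",
            new XElement("original", "_utilman.exe"), new XElement("tool", "taskmgr.exe"),
            new XElement("salt", ""), new XElement("hash", "")));
    }

    // Salted PBKDF2 hash rather than a reversible DPAPI blob: every local user can read
    // System32, and a LocalMachine-scope DPAPI blob decrypts for any process on the box.
    static void StorePassword(XDocument cfg, string password)
    {
        byte[] salt = new byte[16];
        using (var rng = new RNGCryptoServiceProvider()) rng.GetBytes(salt);
        cfg.Root.Element("salt").Value = Convert.ToBase64String(salt);
        cfg.Root.Element("hash").Value = Convert.ToBase64String(Derive(password, salt));
        cfg.Save(ConfigPath);
    }

    static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, 100000)) return kdf.GetBytes(32);
    }

    static bool VerifyPassword(XDocument cfg, string typed)
    {
        string hash = cfg.Root.Element("hash").Value;
        if (hash.Length == 0) return false;       // no password configured: never open the tool
        byte[] expected = Convert.FromBase64String(hash);
        byte[] actual = Derive(typed, Convert.FromBase64String(cfg.Root.Element("salt").Value));
        int diff = 0;                             // constant-time comparison
        for (int i = 0; i < expected.Length; i++) diff |= expected[i] ^ actual[i];
        return diff == 0;
    }

    static void Forward(string exe, string[] args)
    {
        // Re-quote the arguments so _utilman.exe receives them as winlogon sent them.
        string line = string.Join(" ", Array.ConvertAll(args, a => "\"" + a + "\""));
        Process.Start(new ProcessStartInfo(exe, line) { UseShellExecute = false });
    }

    static void FocusFirstInstance()
    {
        Process me = Process.GetCurrentProcess();
        foreach (Process p in Process.GetProcessesByName(me.ProcessName))
            if (p.Id != me.Id) { SetForegroundWindow(p.MainWindowHandle); return; }
    }
}
```

Two points worth checking when adapting this. The wrong-password path forwards to the real utility rather than showing an error, so the logon screen gives no hint that anything was replaced. And a "Global\" mutex created by the SYSTEM instance carries SYSTEM's default DACL, so a later launch from an ordinary user session may get an UnauthorizedAccessException instead of createdNew == false; that case should be treated as "another instance exists" rather than left unhandled.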
Summary to replicate the experience
1. Change the owner of, and grant yourself privileges on, the files utilman.exe and es-ES/utilman.exe.mui in the system directory.
2. Rename those files (by default the configuration file will use _utilman.exe as the name of the original) and place our bypass in the system directory.
3. Modify the button's bitmap (resource 11118) in authui.dll with a resource editor.
4. Also modify the "Accessibility" string in es-ES/authui.dll.mui with a resource editor.