[prev in list] [next in list] [prev in thread] [next in thread]
List: ntbugtraq
Subject: LSA2-FIX breaks apps that access the Security Event Log
From: Paul Whelan-PA <whelan.pa () PG ! COM>
Date: 1998-09-30 17:09:04
[Download RAW message or body]
I have been working with Microsoft on an issue with LSA2-fix that may be of
interest to this audience. I noticed that after applying LSA2, a REXX
script I had written to manage the NT event logs began failing. After
looking at the MS KB, I found an article (Q183770) on how LSA2 broke this
same functionality in a module of SMS. It seems that the LSA2 fix (by
design see Q184017) introduces in EVENTLOG.DLL the requirement that calling
programs have a new privilege (SE_SECURITY_NAME) to access the security
event logs. I believe this will effect every 3rd party app out there that
is analyzing/dumping/reporting on the security event logs including
scripting languages like Perl as well. I also tested DUMPEL from the NT
resource kit and it fails. I don't believe there is general awareness that
SP4 is going to break this functionality. Anyone else have info to the
contrary?
Paul Whelan
whelan.pa@pg.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic