Win95 & Ctrl-Esc

Donald Gaffney gaffney at salus.med.uvm.edu
Wed Feb 25 18:10:18 GMT 1998


...snip...
> Ok all of that works and yesterday I discovered a hole i didn't knew.
> I knew that when in a session, you get start menu from task bar when you
> press CTRL+ESC.
> What I didn't knew is that, when out of a session, if you pree CTRL+ESC,
> you get task manager. That tool permits you to shutdown computer, but also
> (thanks to Bill Gates) to run an application.
> 
...snip...
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>     Michel  APPLAINCOURT     | E-mail : michel.applaincourt at umh.ac.be
...snip...

Right, this is a _very_ old bug/feature, so you're not the first to find
this fundamental bit of poor logic. Remember, Microsoft only considers
it essential that NT servers be secure, not Win95 workstations. Anything
worth protecting should be on the server. In practice, of course, this is
just silly, but if security and stability are important the proper MS
product is NT workstation, not Win95.

Win95 OS security is an illusion. It is all smoke-and-mirror entries in
the registry and the boot file. It can be easily hacked.

The illusion of security, however, may suffice for some and the quick
solution to the particular problem is to delete/rename/wrap the
taskman.exe file in the Windows directory (this used to work - 'valid
logon required' should be set in poledit but it sounds like you've done
that).

If trapping key sequences is your bag, then there is more info about
doing this (via a vxd I think) on the net at www.phord.com - and probably
more on the MSDN CD.

Good luck - and if you get tired of Win95 consider WinNT with Cygnus
Solutions Kerbnet in a Kerberos domain,

-Don




More information about the samba mailing list