From 72c3c23ebd2149ea326ad4fe7b71ac7bdefaa514 Mon Sep 17 00:00:00 2001 From: Jacob Nevins Date: Sat, 4 Feb 2017 12:12:18 +0000 Subject: [PATCH] Document '-restrict-acl' vs subprocesses. (Since we've thought about it.) --- doc/index.but | 4 ++++ doc/using.but | 22 ++++++++++++++-------- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/doc/index.but b/doc/index.but index 0375164b..756312d5 100644 --- a/doc/index.but +++ b/doc/index.but @@ -863,3 +863,7 @@ saved sessions from \IM{64-bit Windows} 64-bit Windows \IM{64-bit Windows} Windows, 64-bit + +\IM{Windows process ACL} Windows process ACL +\IM{Windows process ACL} process ACL (Windows) +\IM{Windows process ACL} ACL, process (Windows) diff --git a/doc/using.but b/doc/using.but index b21a9a8b..bc3ad1e5 100644 --- a/doc/using.but +++ b/doc/using.but @@ -1012,15 +1012,15 @@ See \k{config-proxy-type} for more information on this, and on other proxy settings. \S2{using-cmdline-restrict-acl} \i\c{-restrict-acl}: restrict the -Windows process ACL +\i{Windows process ACL} -This option (on Windows only) causes PuTTY to try to lock down the -operating system's access control on its own process. If this -succeeds, it should present an extra obstacle to malware that has -managed to run under the same user id as the PuTTY process, by -preventing it from attaching to PuTTY using the same interfaces -debuggers use and either reading sensitive information out of its -memory or hijacking its network session. +This option (on Windows only) causes PuTTY (or another PuTTY tool) to +try to lock down the operating system's access control on its own +process. If this succeeds, it should present an extra obstacle to +malware that has managed to run under the same user id as the PuTTY +process, by preventing it from attaching to PuTTY using the same +interfaces debuggers use and either reading sensitive information out +of its memory or hijacking its network session. This option is not enabled by default, because this form of interaction between Windows programs has many legitimate uses, @@ -1031,3 +1031,9 @@ up, and malware could still get in if it attacks the process between startup and lockdown. So it trades away noticeable convenience, and delivers less real security than you might want. However, if you do want to make that tradeoff anyway, the option is available. + +A PuTTY process started with \c{-restrict-acl} will pass that on to +any processes started with Duplicate Session, New Session etc. +(However, if you're invoking PuTTY tools explicitly, for instance as a +proxy command, you'll need to arrange to pass them the +\c{-restrict-acl} option yourself, if that's what you want.) -- 2.45.2