TONT 34563 当人们要将安全漏洞作为功能的时候:静默安装未经认证的驱动

原文链接:https://devblogs.microsoft.com/oldnewthing/20050816-08/?p=34563

Probably the single greatest source of bluescreen crashes in Windows XP is buggy device drivers. Since drivers run in kernel mode, there is no higher authority checking what they’re doing. If some user-mode code runs amok and corrupts memory, it’s just corrupting its own memory. The process eventually crashes, but the system stays up. On the other hand, if a driver runs amok and corrupts memory, it’s corrupting your system and eventually your machine dies.

Windows XP 蓝屏崩溃的最大原因之一是有问题的设备驱动。由于驱动运行在内核模式下,已经没有更高级别的机制来监控它们在做什么了。如果一段用户模式下的代码发飙,破坏了内存数据,那它也只是破坏了它自己的内存段而已。其进程最终会崩溃,但整个系统还是好好的。另一方面,如果某个驱动程序发飙,破坏了内存数据,那它破坏的是整个系统,最终你的机器会停止运转。

In acknowledgement of the importance of having high-quality drivers, Windows XP warns you when an uncertified driver is being installed. Which leads to today’s topic, a question from a device driver author.

鉴于驱动高质量的重要性,Windows XP 会在安装未经认证的驱动时警告用户,这就引出了今天的话题,是一位来自某个设备驱动程序作者的提问:

When I try to install any driver, I get a User Consent Dialog box which tells the user that this is an unsigned driver. Is it possible to author a driver installation package that by-passes this user consent dialog box?

当我尝试安装驱动时,系统都会弹出一个请求用户允许的对话框,告诉用户正在安装一个未签名的驱动。有没有办法编写一种驱动安装包,能让系统不显示这个对话框?

The whole purpose of that dialog is to prevent the situation you desire from happening! [typo fixed 5pm] If you don’t want the warning dialog, submit your driver for certification. (For testing purposes, you can sign your drivers with the test root certificate and install the test root certificate before running your setup program. Of course, installing the test root certificate also causes the desktop to read “For test purposes only” as a reminder that your machine is now allowing test-signed drivers to be installed.)

这个对话框的存在意义,可正是阻止你所想要的这种事情的发生啊!如果你不想让这个对话框出现,那就把你的驱动提交认证就好。(如果是出于测试的目的,你可以将你的驱动用测试根证书签名,并且在运行你的安装程序之前安装这个测试根证书。当然,安装测试根证书会让桌面上冒出“仅供测试使用”的字样,用来提醒你你的机器目前允许安装测试签名的驱动。)

Driver writers, of course, find the certification process cumbersome and will do whatever they can to avoid it. Because, of course, if you submit your driver for certification, it might fail! This has led to varying degrees of shenanigans to trick the WHQL team into certifying a driver different from the one you intend to use. My favorite stunt was related to my by a colleague who was installing a video card driver whose setup program displayed a dialog that read, roughly, “After clicking OK, do not touch your keyboard or mouse while we prepare your system.” After you click OK, the setup program proceeds to move the mouse programmatically all over the screen, opening the Display control panel, clicking on the Advanced button, clicking through various other configuration dialogs, a flurry of activity for what seems like a half a minute. When faced with a setup program that does this, your natural reaction is to scream, “Aaaiiiiigh!”

而驱动的编写者们,自然而然地发现这个认证过程缓慢而冗长,继而想出各种各样的办法来避免之。毕竟,如果你把自己的驱动提交认证的话,还是有通不过的可能性的!这种可能性让开发者们想出了各种稀奇古怪的门路,让WHQL团队给你所提交的驱动进行认证,但实际发布的则不是那一个。我所最喜欢的一则是由我的同事提供的,当他安装某款显卡驱动的时候,安装程序弹出一个对话框,上面大体上写着这些内容:“点击OK后,在我们帮你为系统进行准备配置时,请不要操作键盘或鼠标。”点击OK之后,安装程序就开始以程序操作你的鼠标满屏幕跑,打开『显示』控制面板,点击『高级』按钮,然后这里那里点击很多配置项,一同忙乱下来大概要花半分钟左右。面对这样的安装程序,你的内心想必是在大喊『啊啊啊啊啊』的吧。

Comments

发表评论

电子邮件地址不会被公开。 必填项已用*标注

 剩余字数 ( Characters available )

Your comment will be available after auditing.
您的评论将在通过审核后显示。

Please DO NOT add any links in your comment, otherwise it would be identified as SPAM automatically and never be audited.
请不要在评论中插入任何链接,否则将被自动归类为垃圾评论,且永远不会被提交给博主进行复审。

*