Inside: SereneScreen Fan Forum - View Single Post

rps · 01-19-2009, 04:19 PM

Originally posted by Jim Sachs:

OK, the problem must be farther up the chain, then. I was basing my diagnosis on the statement "Closing the browser will resume the screensaver."

According to Dale, that statement is not true, and MA3 really does not resume. There's a section of code I added a couple of months ago in answer to Vista users complaining about all the black-screen flashes as the program is shutting down. My solution was to switch to a window just an instant before exiting. That may be causing problems with the password system in Vista.

Actually, I don't think that's the problem at all. This is one heck of a security hole, and to be fair, I think it's as much Microsoft's problem as Jim's. Here's what's happening (as far as I can tell):

When the screensaver is launched with "Display logon screen" checked, Vista launches the program in its own "space" (a secure desktop). The logon prompt won't appear until *all* processes in the secure desktop have closed. On my Vista machine, I clicked the website button; then I "requested" c:\windows\system32\cmd.exe, which I was able to save and then run. From my newly opened command window, I was able launch several other windows applications. I didn't get the logon prompt until every last one of them was closed down.

This link may help explain it a little better:

http://www.eggheadcafe.com/forumarch...st25116607.asp

By comparison, Windows XP closes the secure desktop as soon as the screen saver terminates, and kills any child processes immediately. Clicking on the website button on my XP machine terminates the screensaver gives me the logon prompt, but once I've logged in, I never get my browser with the website. (Lost I believe, in the now dead secure desktop.)

I think the solution for Jim is to hide the website button if the screen saver is running in the secure space. It just shouldn't be allowed when it's running from a "locked" screen saver. (I believe that you can detect this by using the WinAPI function OpenInputDesktop. If OpenInputDesktop fails with the last error of "Access is Denied" (error code 5), then you are in secured mode.

Hope this helps!

~Ralph S.

01-19-2009, 04:19 PM	#22
rps Registered Join Date: Oct 2008 Posts: 57	Originally posted by Jim Sachs: OK, the problem must be farther up the chain, then. I was basing my diagnosis on the statement "Closing the browser will resume the screensaver." According to Dale, that statement is not true, and MA3 really does not resume. There's a section of code I added a couple of months ago in answer to Vista users complaining about all the black-screen flashes as the program is shutting down. My solution was to switch to a window just an instant before exiting. That may be causing problems with the password system in Vista. Actually, I don't think that's the problem at all. This is one heck of a security hole, and to be fair, I think it's as much Microsoft's problem as Jim's. Here's what's happening (as far as I can tell): When the screensaver is launched with "Display logon screen" checked, Vista launches the program in its own "space" (a secure desktop). The logon prompt won't appear until all processes in the secure desktop have closed. On my Vista machine, I clicked the website button; then I "requested" c:\windows\system32\cmd.exe, which I was able to save and then run. From my newly opened command window, I was able launch several other windows applications. I didn't get the logon prompt until every last one of them was closed down. This link may help explain it a little better: http://www.eggheadcafe.com/forumarch...st25116607.asp By comparison, Windows XP closes the secure desktop as soon as the screen saver terminates, and kills any child processes immediately. Clicking on the website button on my XP machine terminates the screensaver gives me the logon prompt, but once I've logged in, I never get my browser with the website. (Lost I believe, in the now dead secure desktop.) I think the solution for Jim is to hide the website button if the screen saver is running in the secure space. It just shouldn't be allowed when it's running from a "locked" screen saver. (I believe that you can detect this by using the WinAPI function OpenInputDesktop. If OpenInputDesktop fails with the last error of "Access is Denied" (error code 5), then you are in secured mode. Hope this helps! ~Ralph S.