PuTTY semi-bug win-process-acl-finesse

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Pre-release · Snapshot | Docs | Privacy | Changes | Wishlist

summary: Restrictive Windows process ACL causes trouble with screen readers, etc
class: semi-bug: This might or might not be a bug, depending on your precise definition of what a bug is.
priority: high: This should be fixed in the next release.
absent-in: 0.66
present-in: 0.67
fixed-in: e22120fea8d39e6a2ef6b2f4ab3ee5502f56169a 2017-01-30 (0.68)

In PuTTY 0.67 on Windows, we restricted the process ACL with SetSecurityInfo() in an attempt to defend against malicious other processes (such as PuttyRider) injecting code, reading sensitive data, etc. (In 0.67 this only applied to PuTTY and PuTTYtel; in snapshots after 0.67, from 2016-04-03, we also did this for PSFTP, PSCP, Plink, PuTTYgen, and Pageant.)

Perhaps unsurprisingly, this broke some interactions with other software. Here are some things that stopped working with 0.67 which are known or suspected to have been broken by this change:

It might be possible to tone down our restrictive permissions to allow harmless interactions with legitimate software. We've done this a little bit since 0.67, although there's probably scope for more.

However, since it turns out that some screen-reading software (NVDA at least) has behaviour indistinguishable from malware, that approach won't be sufficient.

Update, 2017-01: we have turned off these ACL restrictions by default, so out of the box, all the things that were broken by this in 0.67 should be working again. A new command-line option -restrict-acl lets you get something like the 0.67 behaviour if you don't find it more trouble than it's worth.


If you want to comment on this web site, see the Feedback page.
Audit trail for this semi-bug.
(last revision of this bug record was at 2017-02-25 09:47:14 +0000)