To: sourcery
This isn't news. This is how automation testing software works. Everybody that should know already knows about hijacking the message loop. Don't think I've ever seen anybody use this for malicious code, and the message loop goes all the way back to the beginning, it's how Windows has always worked. Much ado about nothing.
35 posted on
08/08/2002 2:20:25 PM PDT by
discostu
To: discostu
This isn't news. This is how automation testing software works. Everybody that should know already knows about hijacking the message loop. Certainly there are legitimate reasons for an application to send many types of messages to windows it doesn't own. Some of these pose some security risks if unrestricted (e.g. posting keyboard events) but are clearly useful in other cases. Others (e.g. 'save edit field to memory') have no legitimate cross-application use and are the source of the security holes discussed here.
37 posted on
08/08/2002 10:23:28 PM PDT by
supercat
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson