Not encrypted pguard.dat

Discussion in 'ProcessGuard' started by Dardasaba, Apr 24, 2004.

Thread Status:
Not open for further replies.
  1. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    Isn't the pguard.dat file not being encrypted pose a security risk?
    An attacker could just get that file, examine the protected files and their settings and find a vulnerabillity.
    Sorry if I said something stupid, but this is hardly my field.
     
  2. rodsoto

    rodsoto Registered Member

    Joined:
    Mar 18, 2004
    Posts:
    77
    Location:
    Australia
    I was able to view the pguard.dat file whilst not protected by PG. I suppose this would pose a security risk if PG was not protecting. However whilst under protection, pguard.dat was unable to be opened in a text editor or hex editor. Nor was I able to copy the file to another directory to view it as its not in use. I kept getting parameter missing error messages. I believe PG uses this as a form of protection, if your system is protected, you cannot access pguard.dat, nor would a trojan or other malware be able to either
     
  3. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    Ohh... So that's why explorer.exe crashed everytime I right clicked on that file!
     
  4. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Encryption isn't necessary - while Process Guard is active (which is virtually always for most users), pguard.dat is inaccessible to other programs.
     
  5. learningPG

    learningPG Guest

    I am not sure but just ask : how about if a box is shared by some people, assumed that I am the one have access to PG with passwords, others can boot the box in safemode (pg not loaded ?) then they can manipulate that file? Is that wrong?
    TIA
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    I believe you may be correct but only if they have Administrative rights.
     
  7. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    And only if you have not LOCKED PG :)
     
Thread Status:
Not open for further replies.