question

kk-3543 avatar image
0 Votes"
kk-3543 asked

Is it possible to create a driver specfic SID for an UMDF driver?

Similar to creating a service specific SIDs for windows services, Is it possible to create a driver specific SID for an umdf driver to differentiate between different umdf drivers. My goal is to allow a specific umdf driver access to my KMDF driver by adding the driver specific SID in the allowed ACLs. Allowing entire class of UMDF driver provides access to all umdf drivers, which is undesirable. UMDF runs in a local service account, but although not a windows service. It should be a unique SID across the entire world. Please suggest.

Reference: https://techcommunity.microsoft.com/t5/ask-the-performance-team/ws2008-windows-service-hardening/ba-p/372702

windows-10-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers