Re: [Full-Disclosure] Unsecure file permission of ZoneAlarm pro.
From: Birl (sbirl_at_temple.edu)
To: firstname.lastname@example.org Date: Fri, 20 Aug 2004 13:54:33 -0400 (EDT)
On Aug 20, bipin gautam (email@example.com) typed:
bipin: > On Friday 20 August 2004 12:40, John LaCour wrote:
bipin: > > There is absolutely no security issue here.
bipin: > >
bipin: > > ZoneAlarm does not rely on file permissions to protect
bipin: > > any configuration files. Configuration files are protected
bipin: > > by our TrueVector(r) driver in the kernel.
bipin: > Which is, of course, completely utterly infallible
bipin: > so any additional means are
bipin: > not only unneccessary, but even unwanted.
bipin: In my part of globe, 90% of dialup users just turn on
bipin: zone alarm pro. JUST before connecting to the
bipin: internet... cauz its too annoying cauz zap pop's up
bipin: with bla...bla...bla quit often and use resources
Aye. ZA Pro does consume quite a bit of the CPU at times.
Im consdering a hardware fw just for that reason.
There are other things about logging that concern me as well.
But that's different topic.
Scott Birl http://concept.temple.edu/sysadmin/
Senior Systems Administrator Computer Services Temple University
Full-Disclosure - We believe in it.