Re: Bypassing Personal Firewalls
From: Johan Verrept (jove@exelsys.be)
Date: 02/23/03
- Previous message: Pui Kin Ser: "Vulnerability for Platinum FTP version 1.0.11"
- In reply to: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Next in thread: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Reply: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 23 Feb 2003 21:13:42 +0100 From: Johan Verrept <jove@exelsys.be> To: Shaun Clowes <shaun@securereality.com.au>
Shaun Clowes wrote:
> Why do you believe that the responsibility of protecting users from
> themselves should be bourne by the operating system? People who are
> using Personal Firewall systems may indeed want to be protected in
> this fashion but I suspect that for most people this is a non issue.
Actually, this has little to do with protecting a user from himself,
this has to do with protecting one process from another. How do you
trust any process you have running if malicious code could have embedded
itself and you have no way of detecting this?
> When all is said and done, if malicious code can run under your user
> ID then everything you do is compromised, I can't see much point in
> giving ourselves a false sense of security.
Perhaps not. But do you see a good reason to allow any process this much
power over another unrelated process? If this kind of power is needed by
one process over another, it should be implemented implicitly in both
processes or the process should run under superuser UID.
regards,
J.
- Next message: alias@securityfocus.com: "Re[2]: PHPNuke SQL Injection / General SQL Injection"
- Previous message: Pui Kin Ser: "Vulnerability for Platinum FTP version 1.0.11"
- In reply to: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Next in thread: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Reply: Shaun Clowes: "Re: Bypassing Personal Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
