RE: How vulnerable is a 'Limited" account on XP?
From: Brad Bemis (Brad.Bemis_at_airborne.com)
Date: 07/09/03
- Previous message: Stephen Samuel: "Re: Red Hat 9: free tickets"
- Maybe in reply to: Bernie Cosell: "How vulnerable is a 'Limited" account on XP?"
- Next in thread: ph1zzle: "Re: How vulnerable is a 'Limited" account on XP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Jul 2003 10:05:02 -0700 To: "Bernie Cosell" <bernie@fantasyfarm.com>, VULN-DEV@securityfocus.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
More often than not the real issues is one of 'privilege escalation'
attempts, or is your question more related to the 'user context'
relationship between malicious code infections and access control
limitations associated with a non-privileged account?
- - Brad Bemis
- -----Original Message-----
From: Bernie Cosell [mailto:bernie@fantasyfarm.com]
Sent: Tuesday, July 08, 2003 10:08 AM
To: VULN-DEV@securityfocus.com
Subject: How vulnerable is a 'Limited" account on XP?
I've been wondering: are there exploits/vulnerabilities that can burrow
into a system through a limited account on XP? I've tried playing around
a little bit [but I'm really not very much of an XP-hacker] and it sure
seems hard to get a toehold on the system from my limited account. With
the entire system drive essentially read-only, and with its not being
able to mess with ADMIN or SYSTEM processes, I wonder just how vulnerable
XP is... [for example, I"ve been tempted (but too chicken) to try
intentionally infecting myself with one or another of the email-borne
viruses just to see how far they could penetrate into my system].
/Bernie\
- --
Bernie Cosell Fantasy Farm Fibers
mailto:bernie@fantasyfarm.com Pearisburg, VA
--> Too many people, too few sheep <--
-----BEGIN PGP SIGNATURE-----
Comment: KeyID: 0xB8F26ADD
Comment: Fingerprint: 6E1C D617 CD65 A203 7FD5 4C68 90E7 39F4 B8F2 6ADD
iQA/AwUBPwxLPpDnOfS48mrdEQL0DgCg1J7Qp4P24Udzg2yOkyjDyj+hG10An3Wn
9QaLfC/7tAib6Jv6paQPd1lb
=8DVO
-----END PGP SIGNATURE-----
- Previous message: Stephen Samuel: "Re: Red Hat 9: free tickets"
- Maybe in reply to: Bernie Cosell: "How vulnerable is a 'Limited" account on XP?"
- Next in thread: ph1zzle: "Re: How vulnerable is a 'Limited" account on XP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
