Re: Privilege-escalation attacks on NT-based Windows are unfixable

From: Edward Elliott (nobody@127.0.0.1)
Date: 08/22/02


From: Edward Elliott <nobody@127.0.0.1>
Date: Thu, 22 Aug 2002 19:29:57 GMT

david20@alpha1.mdx.ac.uk wrote:
> Depends what is done on the compromised workstation. For instance if a
> workstation is compromised and then a user on that workstation uses Kerberos
> then a program can easily grab that user's credentials.

In other words, it depends on your network trust model. If hosts on the
network are highly trusted, elevating privileges on one machine can be
disastrous. If the hosts are mutually untrusting, privilege escalation
won't buy an attacker much.

-- 
Edward Elliott