Re: Another Scripting Hole In Microsoft IE Exposes Local Files

From: Dimitri Maziuk (dima@127.0.0.1)
Date: 01/05/02

  • Next message: Lasse Poeppler: "Re: Network Software" 

    From: Dimitri Maziuk <dima@127.0.0.1>
Date: 5 Jan 2002 22:48:16 GMT

    On Fri, 04 Jan 2002 19:39:55 GMT, Alun Jones wrote:
    > In article <1105_1010167626@bowmore.utu.fi>, Markus Jansson
    ><jansson_markus@ziplip.com> wrote:
    >>On Fri, 04 Jan 2002 15:38:31 GMT, alun@texis.com (Alun Jones)
    >>wrote:
    >>> You seem to think that IE can magically circumvent the OS's
    >>> protections - do you have any reason to believe this, other than a
    >>> desire to think evil of Microsoft?
    >>
    >>IE is part of Windows and cant be ripped off. Opera is not part of
    >>Windows. This was the whole big fuzzle couple years ago when M$
    >>was sued for monopoly charges.
    >
    > Again, I ask, what does this have to do with whether one is intrinsically more
    > able to access items to which it doesn't have privilege? Yes, Microsoft's
    > claim that IE is "part of the operating system" is a maneuvering tactic
    > designed to confuse the legal issues surrounding lawsuits against them - but
    > that mere legal wording has no effect on the underlying protections in
    > Windows. IE is still the application it always was, and has no more rights or
    > privileges to access your system than any other application.

    Not exactly. The problem is that Windows application can install
    its own version(s) of *system* libraries. That *could* give it
    a way to circumvent OS privileges -- in practice this is a moot
    point since there aren't too many privileges to circumvent --
    but it does answer your question: IE can magically circumvent
    OS protections via its custom versions of system DLLs.

    (I can't be more specific because it's been a couple of years
    since I did Windows, and relevant neurons have been recycled
    by now).

    Dima 

    --

    Relevant Pages

    • Re: 265,000 new zombie PCs a day!
      ... there are so many holes in OS X that will let an attacker ... Windows never was designed to be a network, ... Apple hasn't fixed the "entire problem" on OS X. ... in privileges. ...
      (comp.sys.mac.advocacy)
    • Re: 265,000 new zombie PCs a day!
      ... there are so many holes in OS X that will let an attacker take ... Windows never was designed to be a network, ... Apple hasn't fixed the "entire problem" on OS X. ... in privileges. ...
      (comp.sys.mac.advocacy)
    • Re: Five Architectural Flaws in Windows Solved In Mac OS X
      ... It is possible to construct a service that interacts with the user and is highly privileged in Windows. ... Since Windows uses a Secure Attention Key, it is not possible to leech passwords with a fake password dialog. ... In a lot of the cases where OS X prompts for a password, it isn't because it's necessary to escalate privileges, because actual root privileges are needed. ...
      (comp.sys.mac.advocacy)
    • Re: Is Windows inherently more vulnerable to malware attacks than OS X?
      ... in privileges. ... code on Windows; ... My right to track down malware on ... users need to be able to access their own files, install ...
      (comp.sys.mac.advocacy)
    • Is Windows inherently more vulnerable to malware attacks than OS X?
      ... It took an attack on a Windows production server, ... Windows services that run with SYSTEM privileges. ... · By default, Windows launches all services with SYSTEM-level ...
      (comp.sys.mac.advocacy)