IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 1 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Security Forum / But
Post #169,957
by altmann
8/18/04 6:07:14 PM
Reply
New But
My script could plant a trojan su and prepend the path and wait for the user to go root to do its dirty work, or maybe a trojan gui su for the modern desktop.

And there is plenty of nastiness one can do as a *nix desktop user (Send mail, spyware, erase/harvest valuable information). Block all outgoing ports and you'll have a list of "broken" apps as long as the one being trumpeted re SP2.

There has been a push in the Windows dev community to get developers to make their apps non-admin account friendly. I was under the impression that SP2 made this somewhat easier but I could be conflating that with stuff promised for Longhorn. There is definitely a single user OS legacy to shed there.
--
Chris Altmann
Post #170,020
by folkert
Picture of folkert
8/18/04 11:16:57 PM
Reply
New Way... WAY more trickey.
Why goto the trouble, when you get windows and no other work.

Also, MOST(99%) users do not get root on their machine.

Now if the user runs as root... Well, It has always been rec'd to not use root.

It still will have Single User legacy for as long as they KEEP this codebase.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
     Sheeesh. Already. Egads. No suprise really. (edited link) - (folkert) - (9) - Aug. 18, 2004, 04:12:22 PM EDT
         More from the book of "DUH!" -NT - (inthane-chan) - Aug. 18, 2004, 01:30:49 PM EDT
         Got an error on that link... - (Yendor) - (1) - Aug. 18, 2004, 01:34:40 PM EDT
             thanx, works -NT - (boxley) - Aug. 18, 2004, 01:41:49 PM EDT
         link gets me blank page mozz on winders - (boxley) - Aug. 18, 2004, 01:40:57 PM EDT
         About the first of those "two flaws" - (altmann) - (3) - Aug. 18, 2004, 05:05:21 PM EDT
             Only as - (folkert) - (2) - Aug. 18, 2004, 05:36:31 PM EDT
                 But - (altmann) - (1) - Aug. 18, 2004, 06:07:14 PM EDT
                     Way... WAY more trickey. - (folkert) - Aug. 18, 2004, 11:16:57 PM EDT
         Remote exploit proof of concept - (admin) - Aug. 20, 2004, 11:28:33 AM EDT

Everyone said the hamster catapult wasn't appropriate for the science fair, but no one could stop watching.
62 ms