Technically, if I read it right, it is not Microsoft's fault completely.
MSFT is definitely at fault for providing an easy conduit for this to
happen, but isn't the problem with the AV scanner he is telling to run his
code? All he is doing is feeding some shellcode to a program that is
running as "root". Running a program with a privileged account that is
directly accessible to the user like that is bad. (For example, Norton
Corp Ed. has an engine running as LocalSystem, but the UI is running as
the account logged in, IIRC)

~Ben

--
 /"\ Ben Jackson
 \ / bejackso at lynx.dac.neu.edu - http://piro.dnsq.org/~bbj
  X  Member of the ASCII Ribbon Campaign Against HTML Mail
 / \

On Tue, 6 Aug 2002, Bill Bogstad wrote:

>
> Derek Kramer wrote:
> On Tue, 6 Aug 2002, Derek D. Martin wrote:
> >
> >> If you're relying on Windows privileges to secure your network, you're
> >> basically screwed. A whitepaper was released today detailing how to
> >> gain localsystem privileges on any Win32-based platform. And the
> >> kicker is, because it takes advantage of a fundamental flaw in the
> >> design of Windows, it's basically unpatchable, requiring a complete
> >> overhaul of the Windows messaging system to fix.
> >>
> >> And the best part is, if you're providing terminal services via a
> >> Citrix server, anyone can own your server, and you'll never be able to
> >> stop them...
> >>
> >> http://security.tombom.co.uk/shatter.html
> >
> >I read this in detail, and I hate to admit that I agree with Microsoft.
> >Once bad people are sitting logged onto your machine, you should already
> >consider it compromised, regardless of what techniques the bad person
> >has at their disposal.
>
> So a command line overflow exploit in a setuid-root ps binary on a
> UNIX machine is unimportant because you shouldn't ever let 'bad
> people' have a login on your machine? I thought security was about
> being able to limit the resources that a user could access on a
> machine even when they had some level of legal access. You seem to be
> advocating a security model of 'good' and 'bad' users where 'good
> users' can do anything and 'bad users' can do nothing. Maybe you
> missed the part where this worked via terminal services as well. You
> don't need physical access, apparently you only need the equivalent of
> a UNIX login. I believe that any operating system vendor who claims
> that something isn't a security issue because you have to have some
> level of valid access to exploit it should be condemned. PERIOD.
>
> Bill Bogstad
> bogstad at pobox.com
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
>