On Thursday 05 November 2009 20:12:11 Brian K. White wrote:
Your arguments hinge on there being essentially no difference between the two,
No it doesn't, not in any way. The OP raised the issue of flash storing cookies as a security issue, and I pointed out that it makes no difference whatsoever. If there is a bug, it can be exploited with or without cookies
All I said was that if there is a bug in the flash software, the presence or absence of the cache is completely irrelevant.
That's a pretty amazing statement. How do you figure?
It's quite simple: if the cookies are to be exploited, there needs to be a bug that allows a flash program to execute a generic binary that is outside the flash sandbox. Once that happens, you have lost, because that means the flash code is already outside the sandbox and can do pretty much what it wants. You don't need 100K for an exploit, most shell code contained in exploits is only a few hundred bytes or less, easily stored in a normal cookie. Sure there may be security problems in flash, but that cache is irrelevant to it Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org