On Thu, 2009-11-05 at 20:39 +0100, Anders Johansson wrote:
On Thursday 05 November 2009 20:12:11 Brian K. White wrote:
Your arguments hinge on there being essentially no difference between the two,
No it doesn't, not in any way.
The OP raised the issue of flash storing cookies as a security issue, and I pointed out that it makes no difference whatsoever. If there is a bug, it can be exploited with or without cookies
All I said was that if there is a bug in the flash software, the presence or absence of the cache is completely irrelevant.
That's a pretty amazing statement. How do you figure?
It's quite simple: if the cookies are to be exploited, there needs to be a bug that allows a flash program to execute a generic binary that is outside the flash sandbox. Once that happens, you have lost, because that means the flash code is already outside the sandbox and can do pretty much what it wants. You don't need 100K for an exploit, most shell code contained in exploits is only a few hundred bytes or less, easily stored in a normal cookie.
Sure there may be security problems in flash, but that cache is irrelevant to it
Anders
Ok I'll grant that flash could be equally dangerous by downloading something into memory just as much as downloading it into a file. But the possible problems were beyond that one possible mis-use. The others were related to collecting, storing, and relaying or forwarding data unrelated to the users nominal intentions, and without the users knowing, or knowing consent. I guess the same could be done in ranm minus the ability to store it for later or for one site to leave for another to pick up. 100k is certainly not a noticeable amount of ram by todays standards. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org