On Thursday 05 November 2009 06:56:54 Basil Chupin wrote:
The thought in my mind, then, is, "Does a vulnerability in Linux exist?".
A straightforward question, and from what Rajko mentioned, in his last post here, has only added to my concern about this matter.
The straight-forward response is no, this does not in any way imply a vulnerability in linux. There may or may not be bugs in flash that would allow things like that to happen, but so far I haven't heard of any. The point is that if there is a bug in a piece of software, there will also be a way to exploit it, and this ranting about cookies and caches is a complete red herring. Virtually no servers that have exploits allow data to be uploaded, and yet through exploited bugs code can be, and then executed. If there is a bug present, hackers rarely need any help to get their code onto your machine.. Besides which, flash in itself already means you are executing code on your machine, whether it is the adobe/macromedia player, or gnash, or something else. It runs in a sandbox as with all other virtual machines that execute code, such as java, dotnet or PDF/postscript (yes, that is also code that gets executed), so if there is a bug that would allow malicious behaviour, the lack of a local cache will not help you in any way Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org