On Tue, 7 Aug 2007, Clayton wrote:- <snip>
This does not account for buffer overflow exploits etc...I seem to remember one recently (in the past year) that would give you root access to a remote machine... scary except that you had to be root already to get into the state where the exploit could be triggered.. giving you root access to something you were already logged into as root... so not much of an exploit.
If you can get a normal user to execute something that is able to use a local root exploit, that users system could be very easily compromised. All it would need is for whatever used the root exploit install a root-kit, downloading whatever is needed as required, and the system can end up in a similar state as a virus-infected Windows system. However, all this is based upon the premise that you have a user[0] so idiotic that they'd specifically save an attachment, make it executable, actually open this executable file, and that the exploit it wishes to exploit is actually present on that system. Any of these don't occur, there will be no infection. Of course, there's also those infections that occur without user intervention, but those tend to come in through security holes in server daemons which are unlikely to be running on a normal users desktop system. [0] Of which I'm absolutely certain there either are some right now, or there will be some in the future. Regards, David Bolt -- Member of Team Acorn checking nodes at 100 Mnodes/s: www.distributed.net RISC OS 3.11 | SUSE 10.0 32bit | SUSE 10.1 32bit | openSUSE 10.2 32bit RISC OS 3.6 | SUSE 10.0 64bit | SUSE 10.1 64bit | openSUSE 10.2 64bit TOS 4.02 | SUSE 9.3 32bit | | openSUSE 10.3a6 32bit -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org