At 1:51 PM +0100 4/6/06, Dinis Cruz wrote: > ljknews wrote: > > At 11:39 AM +0000 3/25/06, Dinis Cruz wrote: > > > 3) Since my assets as a user exist in user land, isn't the risk profile > of malicious unmanaged code (deployed via IE/Firefox) roughly the same > if I am running as a 'low privileged' user or as administrator? (at the > > > > If the administrator's assets are compromised, all users of the system > will have their assets compromised. > > > Sure, but if the main assets exist within that user's space, then the >risk is similar.
No, the only thing at risk is the assets of _that_ user, not the other users. > Certainly users should not store credentials in software on a computer. > > > Ok, but this is impossible today (at least in Windows). Windows ? Is that the operating system whose publisher just said it is hopeless to clean up after a successful attack ? > If one is not the administrator, there should be no way to install > software. If there is, the operating system is underprotected. > > > Who said that? William H. Murray of Deloitte and Touche. >I might not be able to put it in under the 'Program files' >folder, add files to the windows directory or write to some sections of >the registry. But since you can run executables, you can perform all sorts >of malicious actions. His ideal model is a machine where the users have no ability to execute a program they introduce to the machine. There is a strict boundary between programs and data. But he is talking about real security, not Windows. -- Larry Kilgallen _______________________________________________ Secure Coding mailing list (SC-L) [email protected] List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
