On Thu, 14 Sep 2006 23:00:46 +0200 Paul Sebastian Ziegler wrote: > It seems like this system is quite secure. Even if an attacker should > gain root-access locally he would not be able to access anything he > didn't own in the first place.
This approach completly ignores shared "workgroup" storages which are quite commonplace in any business environment. Not only could a malicious user spoil up the (usually rather expensive) data on the storage, he could alter data files to exploit vulnerabilities in client software to get controlling access to user contexts with more / different access permissions. So it is indeed quite important to keep the client OS and applications up to date, regardless of the immutability of those components by the single user. -- Denis Jedig syneticon networks GbR http://syneticon.net/service/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
