On Friday 20 August 2004 12:40, John LaCour wrote: > There is absolutely no security issue here. > > ZoneAlarm does not rely on file permissions to protect > any configuration files. Configuration files are protected > by our TrueVector(r) driver in the kernel.
Which is, of course, completely utterly infallible so any additional means are not only unneccessary, but even unwanted. > In addition to protecting configuration files against > unauthorized changes, there are additional integrity checks and other > protection mechanisms implemented for all policy configuration > files. Should any policy configuration files fail integrity > checks, the firewall will fail closed. So effectively, you're unlocking the car doors because it is equipped with a series of alarmsystems. And even if the owner locks the car doors manually, upon activation, the alarm system unlocks them again ? > Again, no issue. You must have a screw loose somewhere. Seriously. Maarten _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
