For some obscure reason this email came thru to me.

Richard
On 10 Aug 2005, at 11:22, Saad Kadhi wrote:

Hi there,

I have recently installed NetNewsWire and I was very much surprised to see it connecting to the Web without a single alert from Little Snitch. After some delving, I found out that NetNewsWire uses Safari to access the Web. The browser tabs that appear inside NetNewsWire are Safari ones.

Given this, any new application that might want to phone home would simply need to use an authorized one such as Safari (using an API of some sort etc.) and go completely unnoticed here, thus effectively bypassing any security Little Snitch might provide. Am I wrong here? Is there any option I need to activate on Little Snitch to stop this from happening?

If this scenario is realistic (as demonstrated with NetNewsWire + Safari), let's assume we have two applications: application A, a newly installed application not authorized by Little Snitch to access the network and application B, which has permit rules to access it.

One way to thwart this attack path is to control whether application A is authorized to launch application B (or some part of it). As a multi-platform user, the personal firewall I use on Windows XP (Tiny Personal Firewall) does this out-of-the-box, thus effectively stopping application A from calling application B and inheriting its permissions.

What does Little Snitch offer in this regard? What can be done to stop this attack path from happening?

Thanks in advance for your answers.
--
Saad Kadhi
"He who relieves the poor makes Ahura king"

_______________________________________________
Littlesnitch-talk mailing list
[email protected]
http://at.obdev.at/mailman/listinfo/littlesnitch-talk

