On Sat, 17 Oct 2009, András Murányi wrote:
2009/10/17 Mathieu Bouchard <ma...@artengine.ca>
Just [textfile] and [soundfiler] are enough to overwrite important files. A
user's most important data is typically writable, and write-protected files
are usually the files that are easy to reinstall from a DVD or whatever. And
then writability is only one half of the problem when you can have your
personal data uploaded to your enemies.
Or a worm/rootkit set up on your box.
if a user has a single non-root account in which s/he does as many things
as possible, then there's not many important things that you can only do
as root. therefore rootkits have limited usefulness. it's still a VERY
good idea to avoid rootkits, but gaining root isn't making the difference
between stealing an addressbook or not, it isn't making the difference
between rm -rf ~ or not, and it doesn't make the difference between
running a spambot or not.
Indeed. What's worse, i download scripts from unknown dudes and run them
root on a daily basis (most of them are makefiles ;o)
Well, I'm sure you trust your OS provider a lot more than random
fictitious people sending you YourDocument.ZIP.EXE that are associated
with application /usr/bin/wine...
_ _ __ ___ _____ ________ _____________ _____________________ ...
| Mathieu Bouchard, Montréal, Québec. téléphone: +1.514.383.3801
_______________________________________________
Pd-list@iem.at mailing list
UNSUBSCRIBE and account-management ->
http://lists.puredata.info/listinfo/pd-list
