If an application is a File Compression utility, then there is no
reason why it should have access to the TCP stack.
The problem then, is how to prevent an unprivileged user from setting
up a File Compression utility to access TCP and establish a port to
which an incoming connection can be
At least one aspect of that is a design defect in TCP/IP, allowing
unprivileged users to create a port to receive inbound connections.
I don't think it's fair to call that any kind of defect in TCP/IP.
There is nothing at all in TCP or IP that says anything whatsoever
about what privilege may
At 11:39 AM + 3/25/06, Dinis Cruz wrote:
3) Since my assets as a user exist in user land, isn't the risk profile
of malicious unmanaged code (deployed via IE/Firefox) roughly the same
if I am running as a 'low privileged' user or as administrator? (at the
If the administrator's assets are