Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Windows Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 our of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'm and they'll fall in line".
Thread beginning with comment 394232
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[6]: Comment by simon17
by PlatformAgnostic on Thu 12th Nov 2009 09:21 UTC in reply to "RE[5]: Comment by simon17"
Member since:

Not true. There are several attacks one could perform on a logged on system to gain full privilege later on by fooling the user into giving up his password. Depending on path settings, or specifics of the environment, you can create a script/program that masquerades as a legitimate higher privileged application and takes control next time the user performs that activity.

Maybe there are some mitigations already in the Linux environment that I don't know about. Do the DEs in some way protect shortcuts to important apps from tampering (e.g. the launcher icon for the package manager)? Is the path in the shell always ordered so that privileged directories come before unprivileged ones? Is there no way for a malicious program to reorder the path once it is established, or launch a sub-shell later on with a reordered path?

Reply Parent Score: 2