[29005] in bugtraq
Re: Bypassing Personal Firewalls
daemon@ATHENA.MIT.EDU (Johan Verrept)
Mon Feb 24 12:54:46 2003
Message-ID: <3E592B76.9080707@exelsys.be>
Date: Sun, 23 Feb 2003 21:13:42 +0100
From: Johan Verrept <jove@exelsys.be>
MIME-Version: 1.0
To: Shaun Clowes <shaun@securereality.com.au>
In-Reply-To: <5.2.0.9.0.20030222125953.00acd338@mail.securereality.com.au>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Shaun Clowes wrote:
> Why do you believe that the responsibility of protecting users from
> themselves should be bourne by the operating system? People who are
> using Personal Firewall systems may indeed want to be protected in
> this fashion but I suspect that for most people this is a non issue.
Actually, this has little to do with protecting a user from himself,
this has to do with protecting one process from another. How do you
trust any process you have running if malicious code could have embedded
itself and you have no way of detecting this?
> When all is said and done, if malicious code can run under your user
> ID then everything you do is compromised, I can't see much point in
> giving ourselves a false sense of security.
Perhaps not. But do you see a good reason to allow any process this much
power over another unrelated process? If this kind of power is needed by
one process over another, it should be implemented implicitly in both
processes or the process should run under superuser UID.
regards,
J.
