| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200503221236.j2MCamYD023149@sdf.lonestar.org> Date: Tue, 22 Mar 2005 12:36:48 GMT From: BoneMachine <bonemach@....lonestar.org> To: bugtraq@...urityfocus.com Subject: Re: Symantec Antivirus client locally created scheduled scan is not running if the local console is logged off Hi, I am not sure if I understand your point. I thought that the Symantec antivirus (and the norton/symantec corporate edition antivirus) products had (at least) two parts. One part is the scanner that runs as a service with system privileges and is meant to perform the (realtime)scans. The other part is the user-part. This part starts at login and runs with the privileges of the logged-on user. When a scan is scheduled using the user-part, the user-part checks if it is time to perform a scan. When it is time, the client kicks the scanner (running as service with system privileges) and the scanner is performing the scan. IRC the scanner-service drops privileges to the logged-on-user and then scans the system. Therefore, it is not possible that the host is scanned without a logged-on-user. So, what is your point exactly. Why is this a vulnerability? What are your expectations of the virus-scanner that make it vulnerable or what kind of virus are you trying to find with your not-logged-in scan? Bone Machine --- "You can't see it unless your flying by" - The Pixies
Powered by blists - more mailing lists