lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: petard at sdf.lonestar.org (petard)
Subject: Keeping IE up to date on a Windows Server

On Fri, Sep 12, 2003 at 12:05:46AM +1200, Nick FitzGerald wrote:
> (And, if you cannot trust your admins to not surf the web from your 
> servers (or don't know), why not limit their access to iexplore.exe and 
> audit all changes to this file, its ACLs, etc?  After all, it is little 
> more than a window manager providing displays for the output of the 
> various *ML parsers, "security" and script engines, etc, etc that are 
> implemented in a bunch of DLLs and ActiveX controls and whose use by 
> other processes should be unaffected by the permissions set on the IE 
> executable itself...)

That's a useless precaution. Start explorer.exe and type a url
into the location bar. iexplore.exe is never touched. If you can't
trust admins not to surf from your servers, suggest to them that
they need to choose another line of work.

HTH

petard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ