| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1067835016.1378.83.camel@localhost> From: frank at knobbe.us (Frank Knobbe) Subject: Gates: 'You don't need perfect code' for good security On Sun, 2003-11-02 at 21:09, Valdis.Kletnieks@...edu wrote: > On Mon, 03 Nov 2003 12:23:06 +1300, Nick FitzGerald <nick@...us-l.demon.co.uk> said: > > Finding the actual location of the startup folder was beyond the > > exploit because it was running in an environment that could not query > > the registry or other system APIs that would reveal the location. Actually, I think it was beyond the knowledge of the exploit writer. :) > And for bonus points, explain how you fix the scheme so the poor sysadmin who > has to run stuff at startup is able to find the folder, but an exploit running > with 'administrator' or 'system' can't find it? Sure. %SYSTEMROOT%. %WINDIR%, or %USERPROFILE% should work just fine for most cases of scripting and such. Of course viruses and other malware can use the same environment vars. I guess the writers of these annoyances didn't think that far.... lucky us :) Regards, Frank -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031102/3e1ee107/attachment.bin
Powered by blists - more mailing lists