lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: toddtowles at brookshires.com (Todd Towles) Subject: Unsecure file permission of ZoneAlarm pro. Sounds like it about as easy to shutdown as Microsoft's SP2 firewall... Overwrite a file, it fails integrity checks and the firewall will fail closed. There is something to add to a dropper program. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Maarten Sent: Friday, August 20, 2004 7:54 AM To: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Unsecure file permission of ZoneAlarm pro. On Friday 20 August 2004 12:40, John LaCour wrote: > There is absolutely no security issue here. > > ZoneAlarm does not rely on file permissions to protect > any configuration files. Configuration files are protected > by our TrueVector(r) driver in the kernel. Which is, of course, completely utterly infallible so any additional means are not only unneccessary, but even unwanted. > In addition to protecting configuration files against unauthorized > changes, there are additional integrity checks and other protection > mechanisms implemented for all policy configuration files. Should any > policy configuration files fail integrity checks, the firewall will > fail closed. So effectively, you're unlocking the car doors because it is equipped with a series of alarmsystems. And even if the owner locks the car doors manually, upon activation, the alarm system unlocks them again ? > Again, no issue. You must have a screw loose somewhere. Seriously. Maarten _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists