lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 14 May 2007 15:40:06 -0700
From: Troy <gimmespam@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Linux big bang theory....

On 5/13/07, Just1n T1mberlake <hotpackets@...lokitty.com> wrote:
>
> Of course no operating system is invincible when you have full access
> to the machine. You could just delete all of the files yourself.
> OSX isn't using all of the tricks like windows does to try and hide
> executables throughout dlls and other such files. Ever heard of dll
> hell? No wonder these machines are broken into so often.


An improperly coded DLL does no more damage to system security than an
improperly coded standard EXE file. DLLs do not make it easier to break into
a Windows machine.

Do you even know the purpose of using a DLL instead of an EXE? Do you even
know what "DLL" means? Have you ever used a DLL? I've coded them, and
there's nothing I can do with a DLL that I can't do with an EXE. A DLL isn't
designed to hide executables for security reasons. It's designed to allow a
library of code to easily be shared between applications (hence the name).
They also allow libraries to be used and sold without having to release the
source code.

As far as "DLL Hell" is concerned, that's just a type of "dependency hell,"
which allicts (or has afflicted) several different operating systems,
including Mac OS and Linux. It also hasn't been a major problem with Windows
since NT 4 and 9x. Even when it was at its worst in Windows 3.1, it was
nothing compared to the extension conflicts of System 7. Those used to drive
me nuts.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ