Message-ID: <AANLkTimWM8eY5c126S9L4DyGQSHhh6YR=2aTXQW0_4Kb@mail.gmail.com>
Date: Mon, 30 Aug 2010 17:52:27 -0400
From: Dan Kaminsky <dan@...para.com>
To: Pavel Kankovsky <peak@...o.troja.mff.cuni.cz>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: DLL hijacking with Autorun on a USB drive
On Mon, Aug 30, 2010 at 11:45 AM, Pavel Kankovsky <peak@...o.troja.mff.cuni.cz> wrote:
> On Thu, 26 Aug 2010, Dan Kaminsky wrote:
>
> > The question is whether they're supposed to execute code in this
> > particular context.
>
> I think the question ought to be: what authority and privileges shall be
> granted to the code when it is executed?
>
Yeah, and the thing about all of the desktop shells (Explorer, Finder, etc.)
is that they're all just as happy to open a Word Document with winword.exe,
as they are to open winword.exe (or something else with that name) itself.
In other words, the security model is that authority and privileges are the
expansive set that is full code execution as that user.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/