Re: spatial stuff detail



You can have local access without physical access.  And, as I the
scenario I previously described, local exploits can be used maliciously
by third parties without the knowledge or consent of the user by sending
the user seemingly innocuous data.

-Rob

On Tue, 2003-09-23 at 16:31, Guido Schimmels wrote:
> Am 23.09.2003 23:33:37 schrieb(en) Andrew Sobala:
> > On Tue, 2003-09-23 at 22:08, Guido Schimmels wrote:
> > > Am 23.09.2003 20:41:46 schrieb(en) George:
> > > > On Tue, Sep 23, 2003 at 05:00:35PM +0200, Guido Schimmels wrote:
> > > > > And security holes almost always only affect commandline tools
> > and
> > > > > popular shared libraries. How does a remote exploit for GIMP
> > look
> > > > like?
> > > >
> > > > Like an obscure library doing a buffer overflow on reading an
> > obscure
> > > > picture
> > >
> > > And then what? Please elaborate the remote exploit scenario. Local
> > > exploits are irrelevant.
> > 
> > Why?
> 
> Because security doesn't exist when you have physical access. The best  
> you can hope for is that I can't spy out your data on an encrypted  
> filesystem. Other than that I can simply pop in a Knoppix CD and mount  
> your HD(s). If the BIOS is locked down, and I'm not enough of a  
> criminal to know the master password for your BIOS (every BIOS has a  
> master password), I open the case and carry your HD's home.
> 
> And if your employees hack their boxen, time spent on reghosting should  
> be your smallest concern.
> _______________________________________________
> desktop-devel-list mailing list
> desktop-devel-list gnome org
> http://mail.gnome.org/mailman/listinfo/desktop-devel-list




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]