Re: New Patch Fixes 43 Flaws In OS X, Many Serious

Daniel Johnson wrote:

"GreyCloud" <mist@xxxxxxxxxxx> wrote in message news:vIOdnQGZbf-2_vfZRVn-hA@xxxxxxxxxxxxxx

Daniel Johnson wrote:

[snip]


Well, I will snip the rest as we should ignore the rest as it is totally irrelevant eh?


I quite agree!


The answer has to do with how processes are started, inherit permissions from the uid/gid, etc.


I don't think so.


Then you should prove your point then, rather than blather about 'I don't think so.'


Everything coming into any UNIX box thru a browser is automatically set to read only.


This is not true. Try it yourself; download a text file
and then check to see if you can edit it.

But it is true.
You should investigate more carefully about this before going on any further. You've been too closely tied to IE.


Even if it were true, it woudl not help; read only
programs can be executed, and once running
can wreak havok.

Which means you are just guessing and don't know.

There is no need to alter anything
that was downloaded.


In IE you can download something and it will automatically execute it. Same for OE.
I'd say that's why the certs recommend FireFox and Thunderbird over IE and OE.



Now you tell me how a foreign program is going to inherit the uid/gid of a user process in order to run or install malware?


If it does not have the setuid bit set, then it inherits the uid/gid
of the process that starts it. The Finder process or the browser's
process or the Dashboard process might do this; all of these
have the user's uid and gid.

But it doesn't, so why go over something you don't know about?


Quite simple.


In your head it is. But in the real world it is rather complicated mechanism. That's why there are books published about UNIX.



--
Where are we going?
And why am I in this handbasket?
.

Relevant Pages