Re: New Patch Fixes 43 Flaws In OS X, Many Serious

"GreyCloud" <mist@xxxxxxxxxxx> wrote in message
news:vIOdnQGZbf-2_vfZRVn-hA@xxxxxxxxxxxxxx
Daniel Johnson wrote:
[snip]

Well, I will snip the rest as we should ignore the rest as it is totally
irrelevant eh?

I quite agree!

The answer has to do with how processes are started, inherit permissions
from the uid/gid, etc.

I don't think so.

Everything coming into any UNIX box thru a browser is automatically set
to read only.

This is not true. Try it yourself; download a text file
and then check to see if you can edit it.

Even if it were true, it woudl not help; read only
programs can be executed, and once running
can wreak havok. There is no need to alter anything
that was downloaded.

Now you tell me how a foreign program is going to inherit the uid/gid of a
user process in order to run or install malware?

If it does not have the setuid bit set, then it inherits the uid/gid
of the process that starts it. The Finder process or the browser's
process or the Dashboard process might do this; all of these
have the user's uid and gid.

Quite simple.



.

Relevant Pages

  • Re: New Patch Fixes 43 Flaws In OS X, Many Serious
    ... Then you should prove your point then, rather than blather about 'I don't think so.' ... In IE you can download something and it will automatically execute it. ... If it does not have the setuid bit set, then it inherits the uid/gid ...
    (comp.sys.mac.advocacy)
  • Re: New Patch Fixes 43 Flaws In OS X, Many Serious
    ... Try it yourself; download a text file ... user process in order to run or install malware? ... If it does not have the setuid bit set, then it inherits the uid/gid ...
    (comp.sys.mac.advocacy)
  • Re: Have Zonealarm but junk still gets thru !
    ... > i checked my system with a scan with Ewido and found tons of rubbish ... No firewall but only yourself can protect you from your own stupidity to ... download and install malware. ...
    (comp.security.firewalls)