[extropy-chat] Software exposure: was Re: Eugen Leitl, you got Klez
emlyn on nagero
nagero at chariot.net.au
Wed Mar 3 11:48:25 UTC 2004
At 08:06 PM 12/02/2004, you wrote:
>On Thu, Feb 12, 2004 at 02:22:15PM +0930, emlyn on nagero wrote:
>
> > True enough. OTOH, can you convince me that 90+% of machines which were
> > single user machines wouldn't have been always used with administrator
> > permissions, circumventing all security?
>
>Are you saying everyone running *nix is cruising as root? I've seen very,
>very few people posting as root, and usually everybody would come down their
>asses. Single buffer overrun, instant root. No need for privilege elevation,
>which makes writing exploits more difficult.
Most users might be doing it if it was the mass market single user
(standalone) OS. The people who use it now probably wouldn't in either
scenario.
>Of course, you can do almost everything as non-admin in *nix. You can't do
>much as
>non-Administrator on Windows. It's because the "developers" are used to
>assume everyone's allowed God mode. Prompting user for sysadmin
>access, or suid root/sudo are completely alien concepts to those people.
Guilty :-)
Emlyn
More information about the extropy-chat
mailing list