[extropy-chat] Software exposure: was Re: Eugen Leitl, you got Klez
eugen at leitl.org
Thu Feb 12 10:36:00 UTC 2004
On Thu, Feb 12, 2004 at 02:22:15PM +0930, emlyn on nagero wrote:
> True enough. OTOH, can you convince me that 90+% of machines which were
> single user machines wouldn't have been always used with administrator
> permissions, circumventing all security?
Are you saying everyone running *nix is cruising as root? I've seen very,
very few people posting as root, and usually everybody would come down their
asses. Single buffer overrun, instant root. No need for privilege elevation,
which makes writing exploits more difficult.
Of course, you can do almost everything as non-admin in *nix. You can't do much as
non-Administrator on Windows. It's because the "developers" are used to
assume everyone's allowed God mode. Prompting user for sysadmin
access, or suid root/sudo are completely alien concepts to those people.
Each time I've seen Windows programmers porting stuff to *nix they behaved
like dorks. Unreasonable assumptions, always doing the same mistakes. It
doesn't mean all of them that way, but I'm describing a common archetype.
The *nix->Windows is quite easy -- though most developers complain about a
crippled environment. They can get used to it, but it is not fun.
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: not available
More information about the extropy-chat