Bugtraq mailing list archives
Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior
From: <nagual () bluemail ch>
Date: 19 Dec 2003 11:39:36 -0000
In-Reply-To: <20031217015930.29190.qmail () sf-www1-symnsj securityfocus com> Once you allow native code on a Windows machine, there is no limit to what it can access within its user rights, same with Unix. Even as a non root process any program can do a lot of obnoxious things. Any native code compiled executeable, compiled DLL, complied plug-in or what have you that you run has the same risk. If you don't trust where you're getting it from, don't put it on your machine. It's something we take for granted on these platforms. Perhaps you are from a more interpreted environment where code runs in a virtual machine like Java, BASIC or Batch File programming.
I have concearns about the Plugin arhcitechture and the power given to all the devs out there and possible end user harm. I am writing the FastTrack plugin for Edonkey/Overnet and during this process have realized that this is by far the worst and most insecure plugin architechture I have ever seen in my life. Here is a short list of what they have given 1.14 million users(currently online) to have done on their machine if they are to download an "bad" plugin. 1. Local code execution 2. Unlimited disk access 3. Unlimited sockets access 4. Code propogation through the client over the networks 5. Basically anything you can imagine in the world that can be done to a windows os machine.
Current thread:
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior, (continued)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Eric Anderson (Dec 17)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Pavel Kankovsky (Dec 18)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior ashton (Dec 18)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior Max (Dec 18)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior ashton (Dec 19)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior ashton (Dec 18)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Eric "MightyE" Stevens (Dec 19)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Julian Ashton (Dec 18)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Alexander Demenshin (Dec 18)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior Aaron_Yemm (Dec 18)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior ashton (Dec 18)
- Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior nagual (Dec 19)
- RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior Andre Lorbach (Dec 19)