Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unsecure file permission of ZoneAlarm pro.

From: Birl <sbirl () temple edu>
Date: Fri, 20 Aug 2004 13:54:33 -0400 (EDT)
On Aug 20, bipin gautam (nospam-visitbipin () yahoo com ns) typed:

bipin:  > On Friday 20 August 2004 12:40, John LaCour wrote:
bipin:  > > There is absolutely no security issue here.
bipin:  > >
bipin:  > > ZoneAlarm does not rely on file permissions to protect
bipin:  > > any configuration files.   Configuration files are protected
bipin:  > > by our TrueVector(r) driver in the kernel.
bipin:  >
bipin:  > Which is, of course, completely utterly infallible
bipin:  > so any additional means are
bipin:  > not only unneccessary, but even unwanted.
bipin:
bipin:  In my part of globe, 90% of dialup users just turn on
bipin:  zone alarm pro. JUST before connecting to the
bipin:  internet... cauz its too annoying cauz zap pop's up
bipin:  with bla...bla...bla quit often and use resources
bipin:  etc...
bipin:
bipin:  bipin




Aye.  ZA Pro does consume quite a bit of the CPU at times.
Im consdering a hardware fw just for that reason.

There are other things about logging that concern me as well.
But that's different topic.




 Scott Birl                              http://concept.temple.edu/sysadmin/
 Senior Systems Administrator            Computer Services   Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: