Vulnerability Development mailing list archives
Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs
From: 11a () GMX NET (Bluefish)
Date: Wed, 17 May 2000 03:56:31 +0200
Yeah, some upgrading will band-aid the sitiuation, but... You are still only seeing half of it. They are dependant on user interaction *and* the ability for a program to own the machine. If you
Sorry but I don't follow. IMHO they do not need to "own" the machine, just to be "executed" upon it. Scenario: somebody decides to write a unix worm. A perl script which spreads by mailing itself. It will *not* own the machine. It will merely be executed. It will however be executed with your UID and can destroy all your documents. Sure, it won't "own" the machine (won't be root), but the effect will be almost as bad for you. Now, I do note the possibility to create workarounds for this, most importantly sandboxes (setuid nobody /sandbox/bash, or even better chrooted with limited capabilities etc) which are due to the multiuser aware operating systems. But since sandboxes are not commonly used for this purpose (I'm not aware of any email client offering 'secure' executation of incomming files) at today standard it will work. However, I don't think it actually will spread very much. Why? Because most unix users will reply to the sender with "hey that gotta be a virus", and those who don't get the picture have a email client which allows you to do stupid things that easily (I *assume* no client upon unix allows you to execute code in one click ;) What I wanted to show with the argument however was that as today the differences regarding email worm-capabilities on unix is possible and the real difference isn't the security in the operating system but that the interfaces are more clear and it isn't so easy to do folish things.
Oh sure. I know for a fact that KDE, a very popular Linux WIndow Manager features kmail which handles mime attachments very well. I routinely have Mathematica launched to handle an attachment. I'm fairly cetain that popular formats like PDF, postscipt etc are handled "right out of the box." Even if this is the only window manager available that does this out of the box (I doubt it) the point is, there will be soon.
The security of that then relies upon the specific file formats to have secure handlers. If it supports a scripting languange, or a data format with severe bugs, we could potentionally have the same problem as we have with VBS on W9x.
> > > trait. But as I pointed out earlier, *nix has compartmentization in the > > design, so even if these capabilities are built into the GUI, the overall > > ability for hostile code to damage the system is still much less than with > > W9x because any program can basically "own" the computer in W9x if written > > properly.
This is true. I use this by having more than one UID assigned to myself. But AFAIK most people does *not* use more than one UID, and doesn't have any kind of sandbox either. So the reports of lost media files eyc is possible on most systems.
You will fail. Having experience with 12,000+ user - intranets tells me that you can't "educate" everybody, so that is not the solution. Clear interfaces are the band-aid.
I agree that teaching users is a dead end. There are numerous that cannot be tought (as opposed to what some people have expressed both on list and off list. But if I do believe it does a difference to the users which have any clues left that if you can easily see that you are about to execute something, not simply "view" it, will think twice.
That's where you are really wrong. When the general public get's into thier head that their data (their homework, their painting etc.) is at the mercy of almost any bored 15 year-old and there is no permanent solution in 9x, they'll move on.
"get into their heads" sounds very close to "educate them"... How to make people understand what has been known for long? Personly, I believe the avarage windows computer is never upgraded. The 'upgrade' comes when the user buys a new computer. ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: regarding phrack49's stack smashing tutorial, (continued)
- Re: regarding phrack49's stack smashing tutorial Pavel Kankovsky (May 14)
- Re: regarding phrack49's stack smashing tutorial Darshan Patil (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- is: tcp/ip vuln, not?... was: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Crispin Cowan (May 15)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Jason Legate (May 17)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Maxime Rousseau (May 12)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Daniel P. Zepeda (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Istvan Takacs (May 15)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)