Amazingly dumb remark about Linux
Cecil H. Whitley
cwhitley at ec.rr.com
Fri May 31 22:11:23 EDT 2002
Hi Teddy,
> Do you know that there are security features for Windows also?
> I am not talking about Windows 9X systems, of course.
> I am using Windows 2000 and you can set an NTFS partition with more rights
> for each folder or file than under Linux.
> You can log in as another user with less rights to delete or edit files
and
> a virus will have the same rights like you, like in Linux.
I must disagree with this statement. There is a well-known vulnerability in
NT/2K that allows you to gain local admin priviledges by writing a specific
value to a specific memory location. It is fairly well documented and most
sites that deal with exploits for M.S. os's should be able to provide the
location and sample code to actually exploit the flaw. M.S. released a
patch, but it just shifted the memory location, which was found again.
Bottom line, as long as they use a memory flag that can be accessed by "user
space" programs (to use the unix/Linux term) they will continue to be
insecure against anything with "local" access.
Cecil
More information about the Speakup
mailing list