Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

[Seth Arnold <sarnold () wirex com>]

On Mon, Feb 09, 2004 at 01:24:04PM -0500, Disclosure From OSSI wrote:
> But this mechanism can only protect a limited segment of WINDOWS users
> against this “DLL proxy” attack. For example, XP Home Edition
> (SP1) is installed by default with administrator privileges for
> accounts and therefore ACL for program folders are wide open to be
> modified.  Many Windows platforms use an un-secured file system such
> as FAT or FAT32 without ACL protection.

By definition, anyone running any such system has explicitely decided to
trust all the users of the machine to act in accordance with common
shared goals.

You're confusing security mechanism with security policy; if someone's
security policy allows everyone to have administrator status, then this
is NOT a security problem, as you claim. This is legitimate use of
legitimate privileges.

-- 
Immunix Secured Linux Distribution: http://immunix.org/

Attachment: _bin
Description: