Full Disclosure mailing list archives
Re: Unsecure file permission of ZoneAlarm pro.
From: James Tucker <jftucker () gmail com>
Date: Sat, 21 Aug 2004 19:09:16 -0300
Zone Alarm stores its config. files in %windir%\Internet Logs\* . But strangely,Isn't it supposed to store logs ? My english knowledge is probably too poor.
The folder name would suggest that. I raised an eyebrow when I saw that too.
EVERYONE: Full
This means that anyone / anything which can access / see this folder can CHANGE anything about that folder (including permissions) without being stopped by the file system.
As everybody knows, windows * is a single user system
Not true, windows NT is a multi user kernel, although you only have a single client access license and as such you can log on one at a time to windows xp. Windows * Server is different, typically you get 5 CAL's straight away (although licensing all changed again in 2k3 and I have not yet learnt the changes).
only install zonealarm, no other software, especially no software using this directory for storing any kind of information. As I understand the
What?
zap answer: Kidding with file permissions is not an issue on any os... unless, maybe, if you wish to use your system.
File permissions are VERY important to security, even with very high vigilance in all other areas you can be fully "rooted" (exploited / attacked) if your file permissions are set wrong in the wrong place. THE POINT: Providing ZA includes this folder in its integrity checks (I have yet to have the time to start on this project, and so I cannot verify that it does, although the messages in this thread indicate that this folder contains not logs, but configs -_^ ) then ALL YOU NEED TO DO, is to change the folder permissions to EVERYONE: DENY, and NTFS will not EVER allow you to recover this folder. ZA will thus never operate properly on this machine again. In order to restore the file permissions you will need a third party NTFS driver (in short, this would be very very bad). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Unsecure file permission of ZoneAlarm pro. bipin gautam (Aug 19)
- <Possible follow-ups>
- RE: Unsecure file permission of ZoneAlarm pro. John LaCour (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. Maarten (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. bipin gautam (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Sean Crawford (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. Birl (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. Maarten (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. James Tucker (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. stephane nasdrovisky (Aug 21)
- Re: Unsecure file permission of ZoneAlarm pro. James Tucker (Aug 21)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Chris Smith (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) James Greenhalgh (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Barrie Dempster (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Barrie Dempster (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. Barry Fitzgerald (Aug 20)