Secure Coding mailing list archives

eWeek says "Apple's Switch to Intel Could Allow OS X Exploits"


From: pmeunier at cerias.purdue.edu (Pascal Meunier)
Date: Fri, 27 Jan 2006 14:51:18 -0500




On 1/27/06 12:06 PM, "Crispin Cowan" <crispin at novell.com> wrote:


> However, Mac OS X (and Linux and *BSD) still hold the major advantage
> over Windows that it is uncommon to run the mail client as
> root/administrator, so the infection rate will remain much lower than on
> Windows. Only when attackers have an actual exploit for the Mac/*NIX can
> they 0wn the machine. On Windows, they just need a good line and a user
> dumb enough to click on the attachment.


Not to mention other design issues such as the search path for dlls and
executables being different in Windows, and exhibiting complex behavior that
varies from update to update, with poor documentation of those changes (or
ignorance on my part of where they are documented, as they are not easily
found with Google).  A pet peeve of mine is how the recommendation to not
have "." in your PATH in UNIX is impossible to translate for the Windows
world.  The search path for executables (at the command line prompt, anyway)
in Windows *always* includes the current directory (the search path for dlls
can be made to exclude the current directory with a special call with a NULL
parameter).  I noticed a change for the worse just recently: now the current
directory is searched before any directory in the PATH environment variable,
even if PATH contains ";." as the last item (it used to be that you could
make the current directory searched last by having ";." as the last item in
the PATH).

Pascal
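
The UNIX recommendation mentioned in the message (no "." in PATH) can be checked mechanically, including the empty entries that POSIX shells also resolve against the current directory. The script below is an added example, not part of the original message; it models POSIX PATH lookup only (not Windows search behaviour), the function names `path_entries`, `audit_path` and `resolve_in_path` are hypothetical, and the sample PATH is constructed.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that resolve against the
# current directory, and show how entry order decides which file wins.

# path_entries PATHSTRING: print one entry per line, keeping empty entries.
path_entries() {
    rest="$1:"                      # terminate the last (possibly empty) entry
    while [ -n "$rest" ]; do
        printf '%s\n' "${rest%%:*}"
        rest=${rest#*:}
    done
}

# audit_path PATHSTRING: print "<position>:<kind>:<entry>" for risky entries.
audit_path() {
    i=0
    path_entries "$1" | while IFS= read -r entry; do
        i=$((i + 1))
        case $entry in
            '') echo "$i:empty:" ;;            # "::" or a leading/trailing ":" means cwd
            .)  echo "$i:dot:." ;;             # explicit current directory
            /*) ;;                             # absolute entry, nothing to report
            *)  echo "$i:relative:$entry" ;;   # resolved relative to cwd
        esac
    done
}

# resolve_in_path CMD PATHSTRING: print the first executable match, walking
# the entries in order the way a POSIX shell does (empty entry == ".").
resolve_in_path() {
    cmd=$1
    hit=
    path_entries "$2" | while IFS= read -r dir; do
        [ -n "$dir" ] || dir=.
        if [ -z "$hit" ] && [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
            hit=$dir/$cmd
            echo "$hit"
        fi
    done
}

# Constructed sample PATH: entries 3 (empty), 4 (relative) and 5 (".") are flagged.
audit_path "/usr/local/bin:/usr/bin::bin:."
```

Run `audit_path "$PATH"` against a real environment; any output line is an entry through which a file planted in the working directory can shadow or stand in for a command.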
