Bugtraq mailing list archives
Re: Escalation of privileges
From: Kenn Humborg <kenn () BLUETREE IE>
Date: Tue, 8 Aug 2000 19:38:40 +0100
Hmm... Interesting, but needs an idiot admin to exploit.
I beg to differ. I don't have the time to minutely examine every file that every app installs. I think it is reasonable to expect reputable companies (such as Symantec) to ship their apps in a secure state. In the 'real world', they'd get their asses whipped due to lack of 'warranties of merchantibility and fitness for a particular purpose'. Would you buy a car alarm that left your doors unlocked? If you did, and the vendor didn't make this clear, and sold it as a security enhancement, you'd sue his ass off. Unfortunately, in the software world, these stupid limited warranties mean that you've got absolutely no ground to stand on. Annoyed, Kenn
Current thread:
- Escalation of privileges Chris Foster (Aug 07)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) William D. Colburn (aka Schlake) (Aug 10)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) Tom Perrine (Aug 11)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: Escalation of privileges Nicolas Rachinsky (Aug 09)
- <Possible follow-ups>
- Re: Escalation of privileges Mayers, Philip J (Aug 08)
- Re: Escalation of privileges Kenn Humborg (Aug 09)
- Re: Escalation of privileges Adam Richard (Aug 10)