Full Disclosure mailing list archives
RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution
From: Paul Schmehl <pauls () utdallas edu>
Date: Wed, 18 Feb 2004 22:29:51 -0600
--On Wednesday, February 18, 2004 9:50 PM -0500 Bill Royds <full-disclosure () royds net> wrote:
This is no more of a design flaw than it is in Unix. Replace all those Windows boxes with Unix (if you could find the software they need to use), and those people will be logging in as root on all those machines.

Last time I was at my doctor's medical clinic, I noticed all the shiny new LCD monitors showing the Windows logon prompt with account Administrator. I asked the receptionist why. She said so that anyone could sign on to any machine when they needed it, since individual machines lock out so only the signed-on user or administrator can sign on. They did have the screensaver timeout so people off the street couldn't sign on. But the only way to make the multiple workstations usable for anybody was to use the administrator account on all of them. This is a bit of a design flaw in the Windows network that means security is much less than it ought to be.
The problem in this case is a lack of understanding on the part of the people implementing the solution, *not* a design flaw in the software. They could just as easily create network accounts that would allow each of them to log in as users on every machine in the office, if needed. Then *log out* when they're done instead of locking the machine. Or use Fast User Switching and local accounts, and anyone could log in no matter who was logged in before.
Of course they would have to learn how to create a Windows domain using either a Windows server or unix with samba or learn how to use Fast User Switching (or in the case of unix, NFS or LDAP or some other mechanism to allow logins on multiple machines), but the fact remains that this is an *implementation* problem, *not* a software design flaw.
If I lock my Red Hat box during an X session instead of logging out, guess who can log in? Me or root.
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
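The clinic pattern Bill describes and Paul's objection to it (one shared Administrator account used at every console instead of per-user domain accounts) is something an auditor can detect from logon records. The script below is an added example, not code from either poster or from the list; it runs over a constructed, key=value rendering of Windows Security logon events (modelled on the modern 4624/4625 event fields and logon types, which postdate the 2004 thread) and reports privileged accounts that have logged on interactively at the console of more than one workstation. The field names, the `PRIVILEGED_ACCOUNTS` set and the matching of the built-in account by name are assumptions of the example.

```python
import re
from collections import defaultdict

# Logon types that mean a person is at the console: 2 = Interactive,
# 7 = Unlock, 10 = RemoteInteractive. 3 (Network) and 5 (Service) are excluded.
INTERACTIVE_LOGON_TYPES = {2, 7, 10}

# Accounts treated as privileged. Assumption for this example: the built-in
# Administrator is matched by name; a renamed built-in account would need a
# SID (RID 500) check instead.
PRIVILEGED_ACCOUNTS = {"administrator"}

# Constructed sample log, one logon per line in a key=value layout modelled
# loosely on Security event 4624 (success) / 4625 (failure) fields. It mirrors
# the clinic scenario: every console is used as Administrator.
SAMPLE_LOG = """\
EventID=4624 TargetUserName=Administrator LogonType=2 WorkstationName=RECEPTION-01
EventID=4624 TargetUserName=Administrator LogonType=7 WorkstationName=RECEPTION-01
EventID=4624 TargetUserName=Administrator LogonType=2 WorkstationName=EXAM-02
EventID=4624 TargetUserName=Administrator LogonType=2 WorkstationName=EXAM-03
EventID=4624 TargetUserName=Administrator LogonType=3 WorkstationName=FILESRV
EventID=4624 TargetUserName=jsmith LogonType=2 WorkstationName=EXAM-02
EventID=4624 TargetUserName=jsmith LogonType=10 WorkstationName=EXAM-03
EventID=4625 TargetUserName=jsmith LogonType=2 WorkstationName=EXAM-03
EventID=4624 TargetUserName=SYSTEM LogonType=5 WorkstationName=EXAM-02
"""

_FIELD = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return a dict of key=value fields for one log line, or None for a blank or malformed line."""
    fields = dict(_FIELD.findall(line))
    if "EventID" not in fields:
        return None
    return fields


def console_hosts_by_account(log_text):
    """Map account name -> set of workstations where it logged on interactively."""
    hosts = defaultdict(set)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["EventID"] != "4624":
            continue  # only successful logons count
        if int(ev.get("LogonType", 0)) not in INTERACTIVE_LOGON_TYPES:
            continue  # network and service logons are not a person at a console
        hosts[ev["TargetUserName"]].add(ev["WorkstationName"])
    return hosts


def shared_privileged_accounts(log_text, min_hosts=2):
    """Privileged accounts used at the console of at least min_hosts distinct machines."""
    result = {}
    for account, hosts in console_hosts_by_account(log_text).items():
        if account.lower() in PRIVILEGED_ACCOUNTS and len(hosts) >= min_hosts:
            result[account] = sorted(hosts)
    return result


if __name__ == "__main__":
    for account, hosts in shared_privileged_accounts(SAMPLE_LOG).items():
        print(f"{account}: interactive logons on {len(hosts)} machines: {', '.join(hosts)}")
```

On the sample, `jsmith` is seen on two machines but is not reported, because a per-user account used wherever that person happens to sit is exactly the arrangement Paul recommends; only the privileged account shared across consoles is flagged. The network logon from FILESRV is ignored so that ordinary file-share access does not inflate the count.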
Current thread:
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution, (continued)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution morning_wood (Feb 17)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution gabriel rosenkoetter (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Dave Sherohman (Feb 18)
- RE: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Steve Wray (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Tim (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution gabriel rosenkoetter (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Tim (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution insecure (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Bill Royds (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Phil Brutsche (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Paul Schmehl (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution morning_wood (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Paul Schmehl (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Byron Copeland (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution morning_wood (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Shawn K. Hall (RA/Security) (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution CHS (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Byron Copeland (Feb 18)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution madsaxon (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Brent J. Nordquist (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Jorrit Kronjee (Feb 19)