Full Disclosure mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: Dan Kaminsky <dan () doxpara com>
Date: Tue, 31 Aug 2010 16:18:47 -0700
On Aug 31, 2010, at 4:11 PM, paul.szabo () sydney edu au wrote:
Valdis.Kletnieks () vt edu wrote:... The victim is attempting to view a plain text file. Surely that can be done safely?Only if your OS's security model understands the fact that executable code and data belong in different security domains and thus different rules should apply about what files to "trust" in each category.Hmm... an OS that cannot "view" plain-text in a safe manner... Shame on those who would call that an OS. Yes, even the Windows security model understands those things.
Notepad.exe can launch from iexplore.exe in some contexts; this open is safe (and when it isn't, it's Critical). Notepad.exe can launch from Explorer.exe in some contexts, this open is not safe. iexplore.exe has a security model. Explorer.exe doesn't (outside of standard user). That's the reality, shared by all the desktops.
Cheers, Paul Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: DLL hijacking with Autorun on a USB drive, (continued)
- Re: DLL hijacking with Autorun on a USB drive Charles Morris (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Christian Sciberras (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive paul . szabo (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Christian Sciberras (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive paul . szabo (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Valdis . Kletnieks (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Christian Sciberras (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Valdis . Kletnieks (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Christian Sciberras (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive paul . szabo (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Dan Kaminsky (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive paul . szabo (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Dan Kaminsky (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Christian Sciberras (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Dan Kaminsky (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive paul . szabo (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Dan Kaminsky (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive coderman (Aug 31)
- Re: DLL hijacking with Autorun on a USB drive Valdis . Kletnieks (Aug 31)