Re: Winnt/Win2k Vuln ?

[Ben Ford <bford () erisksecurity com>]

David Schwartz wrote:

> > The browser should not be the file manager.  That is all there is to it.
> >
> > -b
>
>         Sure, and the OS shouldn't be the memory manager. The filesystem should be
> purchased separately. And you should need a separate client for FTP. Your
> network stack should come from a different vendor than your OS. And your
> computer shouldn't include memory. I vote for maximum inefficiency and
> duplication of code too.
>
>         Why should viewing a remote resource be any different from viewing a local
> resource? Especially when you consider that local files can contain diverse
> content types requiring complex presentation and navigation -- just like
> remote files.
>
>         DS

You are missing the point.  You can view resources both locally and 
remote and I have no heartburn.  However, viewing and managing are two 
entirely different concepts.  A file MANAGER, by definition, MANAGES 
files.  A web BROWSER, also by definition, BROWSES the web.

Managing includes operations such as move, copy, delete, execute, etc. 
Viewing includes none of those operations.

If you don't believe me, tell me this.  When was the last time you 
visited http://www.microsoft.com with your web BROWSER and MANAGED the 
web pages you found there by moving, renaming and deleting them?

-b


--
Fly Windows NT:
All the passengers carry their seats out onto the tarmac, placing the chairs
in the outline of a plane. They all sit down, flap their arms and make jet
swooshing sounds as if they are flying.