[PD] denial of service attack
Mathieu Bouchard
matju at artengine.ca
Sat Oct 17 03:51:07 CEST 2009
On Sat, 17 Oct 2009, András Murányi wrote:
> 2009/10/17 Mathieu Bouchard <matju at artengine.ca>
>> Just [textfile] and [soundfiler] are enough to overwrite important files. A
>> user's most important data is typically writable, and write-protected files
>> are usually the files that are easy to reinstall from a DVD or whatever. And
>> then writability is only one half of the problem when you can have your
>> personal data uploaded to your enemies.
> Or a worm/rootkit set up on your box.
if a user has a single non-root account in which s/he does as many things
as possible, then there's not many important things that you can only do
as root. therefore rootkits have limited usefulness. it's still a VERY
good idea to avoid rootkits, but gaining root isn't making the difference
between stealing an addressbook or not, it isn't making the difference
between rm -rf ~ or not, and it doesn't make the difference between
running a spambot or not.
> Indeed. What's worse, i download scripts from unknown dudes and run them
> root on a daily basis (most of them are makefiles ;o)
Well, I'm sure you trust your OS provider a lot more than random
fictitious people sending you YourDocument.ZIP.EXE that are associated
with application /usr/bin/wine...
_ _ __ ___ _____ ________ _____________ _____________________ ...
| Mathieu Bouchard, Montréal, Québec. téléphone: +1.514.383.3801
More information about the Pd-list
mailing list