Fedora 18 security questions.
Roger
arelem at bigpond.com
Fri Mar 22 02:03:59 UTC 2013
On 03/22/2013 11:36 AM, Reindl Harald wrote:
> Am 22.03.2013 00:56, schrieb Sam Varshavchik:
>> Even let's hypothetically say there's an exploit in Firefox that can be used to inject executable code, through a
>> malicious web page, once running the code will have no way to overwrite Firefox's binary executable, and implant
>> itself in Firefox, or any other operating system executable. As soon as you log out or reboot, it's gone. The scope
>> of the damage is limited to wiping files in your home directory, and that's about it
> this as a very naive point of view
> you do not need to change system-binaries
>
> it is enough to place you executeable in the userhome, start
> it with the desktop and let connect it to a remote-server to
> have a shell and break any privacy of the user
>
> how many users would recognize such intrusion?
>
>
> OK! so how does one recognise such an intrusion? What should one look for?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130322/f5fa46be/attachment.html>
More information about the users
mailing list