[OT] Re: Running graphical programs as root

Maximilien Noal noal.maximilien at gmail.com
Wed May 9 20:36:40 CEST 2012


On 05/09/2012 08:45 PM, Kevin Chadwick wrote:
> There are many layers and details to exploits. You just make it as
> difficult as makes sense to you. On linux they need to exploit the
> browser and then somehow get a shell and run other exlpoits on local
> programs to raise priviledges and hope no other security technology is
> around. On windows XP they will likely just need an exploit in the
> browser, the end.
Unless they use SuRun [1] and a limited user account instead of using an 
Admin account (well at least that's the theory, I know that XP, even 
with SP2 or SP3, has more holes than Win7). ;-)

Plus the usual security stuff in the background (Spybot S&D and Avast! 
for an antispyware and antivirus respectively, for example. Oh and I 
forgot about Windows' firewall, but I'm not at all sure about it's 
usefulness...).

And the usual security settings (autorun deactivated, Windows' scripts 
service deactivated, yada yada yada ...) - I usually apply them with XP 
Antispy [2].

On windows 7 it's not much more complicated with 10Gb
> of code sitting there....
Well, there is the limited user account and the UAC in the way, isn't it ?

[1] http://kay-bruns.de/wp/software/surun/
[2] http://xp-antispy.org/en

(I know this is even more off-topic, but security is a good topic for 
discussion)


More information about the Xfce mailing list