Am 22.03.2013 00:56, schrieb Sam Varshavchik: > Even let's hypothetically say there's an exploit in Firefox that can be used to inject executable code, through a > malicious web page, once running the code will have no way to overwrite Firefox's binary executable, and implant > itself in Firefox, or any other operating system executable. As soon as you log out or reboot, it's gone. The scope > of the damage is limited to wiping files in your home directory, and that's about it this as a very naive point of view you do not need to change system-binaries it is enough to place you executeable in the userhome, start it with the desktop and let connect it to a remote-server to have a shell and break any privacy of the user how many users would recognize such intrusion?
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
