|
On 03/22/2013 11:36 AM, Reindl Harald
wrote:
Am 22.03.2013 00:56, schrieb Sam Varshavchik:Even let's hypothetically say there's an exploit in Firefox that can be used to inject executable code, through a malicious web page, once running the code will have no way to overwrite Firefox's binary executable, and implant itself in Firefox, or any other operating system executable. As soon as you log out or reboot, it's gone. The scope of the damage is limited to wiping files in your home directory, and that's about itthis as a very naive point of view you do not need to change system-binaries it is enough to place you executeable in the userhome, start it with the desktop and let connect it to a remote-server to have a shell and break any privacy of the user how many users would recognize such intrusion? OK! so how does one recognise such an intrusion? What should one look for? |
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
