Reindl Harald writes:
Am 22.03.2013 00:56, schrieb Sam Varshavchik:> Even let's hypothetically say there's an exploit in Firefox that can be used to inject executable code, through a > malicious web page, once running the code will have no way to overwrite Firefox's binary executable, and implant > itself in Firefox, or any other operating system executable. As soon as you log out or reboot, it's gone. The scope > of the damage is limited to wiping files in your home directory, and that's about itthis as a very naive point of view you do not need to change system-binaries it is enough to place you executeable in the userhome, start it with the desktop and let connect it to a remote-server to have a shell and break any privacy of the user how many users would recognize such intrusion?
How many users will see some mysterious unknown executable on their desktop, and automatically execute it?
Attachment:
pgp7d_erphhgm.pgp
Description: PGP signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
