Karel Voln wrote:
$ konqueror localhost:631
<supply root password to konqueror when asked for>
?
in the first case, if the attacker gets in control of Konqueror,
he can do rm -rf / directly; in the latter, he can capture root
password ... which may (or may not) be more valuable
I don't think much of your example, but in practice if some cracker
tries to "rm -rf /" there's not a lot to choose, on my systems, between
doing it as root and doing it is me. My valuables are mostly in ~ and
the operating system is way easier to replace than the stuff in ~.
More likely, Ungodly will be looking for my banking details, and i I
allow a browser to store unencrypted account details, being root doesn't
make my situation worsse
However, I think the biggest hazards is through trojans, and if I can
persuade you that you really should give my custom version of Firefox a
burl, I've got you. along with Firefox I could install keyloggers to
record what you type, I I can correlate what you type with where you go,,,,
--
Cheers
John
-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list
