| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 84142 | 2007-10-25 18:53:00 | Windows vs. Linux vs. Mac Security | somebody (208) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 605380 | 2007-10-28 03:58:00 | And if you can fool a user into downloading a file, then chmodding it to executable, then running it as root - yes, you will have a problem. Most home users will have the root password for their system. That said though, there will be far fewer issues than in a windows environment, simply because of the extra steps the user has to take to allow potentially damaging action - under windows all it takes is a single 'Yes' to tell UAC to run the app, and if you're not on Vista then not even that. You have to fool the user into entering their admin password too. One would hope that a user would be asking why they needed to enter their admin password just to view an image??? Duh! Having said that, what ever it is won't actually be able to do much damage compared to on Windows. |
winmacguy (3367) | ||
| 605381 | 2007-10-28 04:03:00 | And if you can fool a user into downloading a file, then chmodding it to executable, then running it as root - yes, you will have a problem. Most home users will have the root password for their system. That said though, there will be far fewer issues than in a windows environment, simply because of the extra steps the user has to take to allow potentially damaging action - under windows all it takes is a single 'Yes' to tell UAC to run the app, and if you're not on Vista then not even that. Im sure that if they chose to sink a billion or so into developing the system they could find a way of not playing by the rules of the OS...... |
Metla (12) | ||
| 605382 | 2007-10-28 04:23:00 | Having said that, what ever it is won't actually be able to do much damage compared to on Windows.If it is running as root, it can quite happily hose the entire OS, rootkit the system, or do pretty much anything else it likes. How is that not as much damage? Linux/Unix is extremely secure if used in the correct manner. Once something is running as root there's no stopping it (unless you're using SELinux or similar). | Erayd (23) | ||
| 605383 | 2007-10-28 04:26:00 | ....One would hope that a user would be asking why they needed to enter their admin password just to view an image??? Duh.Having said that, what ever it is won't actually be able to do much damage compared to on Windows. Sorry, i beg to differ. if the user is stupid enough to grant al the needed permissions to allow "an image" to install it self in the system, then the system will have spyware, or whatever "an image" actually is installed. There is no protection whatsoever against the root/administrative user being a fool and destroying the systems integraty with the mere typing of the root password, if that user wished to install metlas fictional "free-prn-4-life" or whatever mythical application the said fool wished to install. However on a non-MS system, there is every protection against a single user without administrative privilege on a system stuffing up the overall system, or the work of others. |
personthingy (1670) | ||
| 605384 | 2007-10-28 04:44:00 | Sorry, i beg to differ. if the user is stupid enough to grant al the needed permissions to allow "an image" to install it self in the system, then the system will have spyware, or whatever "an image" actually is installed. There is no protection whatsoever against the root/administrative user being a fool and destroying the systems integraty with the mere typing of the root password, if that user wished to install metlas fictional "free-prn-4-life" or whatever mythical application the said fool wished to install. However on a non-MS system, there is every protection against a single user without administrative privilege on a system stuffing up the overall system, or the work of others. That situation has actually changed with Leopard Sandbox tested. Sometimes hackers try to hijack an application to run malicious code. Sandboxing helps ensure that applications do only what they’re intended to by restricting which files they can access, whether they can talk to the network, and whether they can be used to launch other applications. Helper applications in Leopard — including the software that enables Bonjour and the Spotlight indexer — are sandboxed to guard against attackers. and as mentioned in the article that I posted said the fact that the exploit was created on a Mac wasn't really relevant and didn't demonstrate any inherent weakness in the Mac platform with regard to security. In fact, he said that using a Mac version of Microsoft Word served to limit the effectiveness of the exploit because "many installations in the field won't open the file." |
winmacguy (3367) | ||
| 605385 | 2007-10-28 06:05:00 | That situation has actually changed with Leopard and as mentioned in the article that I postedDid you actually read what personthingy said? A 'sandboxed' application doesn't run as root. He wasn't talking about apps being hijacked, he was talking about a user being dumb enough to grant root access to malicious software. Once it has that, your system is its oyster. If you think otherwise, I dare you to give me root access to your Leopard box. I'm willing to bet that I can completely hose it inside two minutes. |
Erayd (23) | ||
| 605386 | 2007-10-28 06:16:00 | Did you actually read what personthingy said? A 'sandboxed' application doesn't run as root. He wasn't talking about apps being hijacked, he was talking about a user being dumb enough to grant root access to malicious software. Once it has that, your system is its oyster. If you think otherwise, I dare you to give me root access to your Leopard box. I'm willing to bet that I can completely hose it inside two minutes. Sorry didn't read it properly. I know there are some pretty dumb users out there but you would have to be pretty inept to load your admin password to view a photo or something which is normally perfectly viewable in your web browser- without asking why. I guess that within reason you can make a computer system secure for general use, after that it is up to the user what they choose to install on the system-which is where OS X still has it over Windows. I have a feeling that Apple still has a few more tricks up their sleeves with 5 more OS versions due out in the next 10 years (not including point updates) to keep the baddies out. |
winmacguy (3367) | ||
| 605387 | 2007-10-28 07:29:00 | Can we agree on something here... No system is safe if the root/administrative user is a all-trusting fool There is a lot of fools out there. While there are differences in design that make some systems more vulnerable than others, any talk that says any OS is indistructable nomatter what seems a tad naive to me.. |
personthingy (1670) | ||
| 605388 | 2007-10-28 07:41:00 | Can we agree on something here...Nope :p . No system is safe if the root/administrative user is a all-trusting fool There is a lot of fools out there.Well OK... maybe we can. While there are differences in design that make some systems more vulnerable than others, any talk that says any OS is indistructable nomatter what seems a tad naive to me......unless said OS is in ROM - then you just reboot and any problems simply vanish. |
Erayd (23) | ||
| 605389 | 2007-10-28 07:46:00 | ...unless said OS is in ROM - then you just reboot and any problems simply vanish.Perhaps i should have said "any installed system" :p | personthingy (1670) | ||
| 1 2 3 4 5 6 7 8 | |||||