Bugtraq: Re: On product vulnerability history and vulnerability complexity

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: On product vulnerability history and vulnerability complexity

From: ArkanoiD <ark () eltex net>
Date: Mon, 3 Apr 2006 19:44:12 +0400

nuqneH,

On Sat, Apr 01, 2006 at 03:00:30PM -0800, Crispin Cowan wrote:

  

IMHO the biggest thing that makes Firefox on Linux more secure than IE
on Windows is that you don't run Firefox as root/administrator, so when
it gets hacked, it doesn't 0wn the machine.


Actually there is only one major difference: you cannot be rootkited (unless
there is an exploit that fits, and if you are running X11 with all modern
software bells'n'whistles , there probably is) .

From other points of view owning a sole user on the machine does not

differ much.

(Do they still run web browser as administrator? I think XP was designed not
to do that?)

By Date By Thread

Current thread:

Re: On product vulnerability history and vulnerability complexity Crispin Cowan (Apr 03)
- Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 03)
  - Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 03)
  - Re: On product vulnerability history and vulnerability complexity Javor Ninov (Apr 04)
    - Re: On product vulnerability history and vulnerability complexity Steven M. Christey (Apr 04)
- Re: On product vulnerability history and vulnerability complexity ArkanoiD (Apr 03)
- Re: On product vulnerability history and vulnerability complexity Forrest J. Cavalier III (Apr 03)
  - Re: On product vulnerability history and vulnerability complexity Gadi Evron (Apr 04)