Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Is Mozilla's "patch" enough?
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Mon, 12 Jul 2004 11:20:23 -0400

Pavel Kankovsky wrote:

The user has already lost. Game over.

An attacker can exploit the ability to modify the user's configuration in
many different ways. E.g. redirect the browser to a proxy under the
attacker's control, make Mozilla use a trojanized Chrome or a trojanized
Java plugin, etc.

My thought about this is that if someone can gain access to the system in order to change the contents of prefs.js, then why would they want to be able to run even more code via shell: ?

At that point they already have the ability to run code on the box because they have to be able to do that to modify the config files.

And yes, I firmly believe that whitelisting the "safe" protocols is better than maintaining a blacklist.


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]