|
Full Disclosure
mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: paul.szabo () sydney edu au
Date: Wed, 1 Sep 2010 09:11:56 +1000
Valdis.Kletnieks () vt edu wrote:
... The victim is attempting to view a plain text file. Surely
that can be done safely?
Only if your OS's security model understands the fact that executable
code and data belong in different security domains and thus different
rules should apply about what files to "trust" in each category.
Hmm... an OS that cannot "view" plain-text in a safe manner...
Shame on those who would call that an OS.
Yes, even the Windows security model understands those things.
Cheers, Paul
Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
