On Mon, 20 Sep 2010 09:58:14 -0400 hikki@xxxxxxxxxxxxx wrote: > Robert Ransom: > > > If your web server and all of the interpreters and programs it runs are > > competently written, there is no way for an attacker to get root > > access, or even run a shell command. Web applications and the > > special-purpose interpreters they run on are often incompetently > > written. > > I've noticed that on most Linux distributions, Apache 2 (just an example) > runs as a non-privileged user on the system. Though one Apache 2 process > does run as Root, but it spawns unprivileged process children. So if it > was to be a flaw in Apache 2, or PHP, that an attacker knew about, would he > then be able to gain Root access if the software runs as a non-Root user? Maybe. Most Linux distributions do not put much effort into protecting a system against a malicious user with shell access. Even if you have no local privilege-escalation holes, there are usually scary side-channel attacks (e.g. cache-related leakage of AES keys), and you may have already given the compromised UID permission to send arbitrary network packets (if it can run VirtualBox, for example, the attacker can set up a VM with a bridged network device, log in as root in the VM, and send evil packets at will). Also, if you haven't bothered to change your MAC address, an attacker with any UID can read it using ifconfig; your hardware manufacturers may have kept records of where the device(s) with that MAC address were shipped. > > I select the message I want to reply to, and then I click the ÃReplyà > > button in my mail client's toolbar. > > The same as I do. It must be my mail provider that sucks. :) If you have a Linux system with persistent storage, try Claws Mail. If you have a Windows system, gpg4win includes Claws Mail for Windows. (Unfortunately, it leaks its version number, your GTK version number, and its build target (including processor architecture) in an X-Mailer header.) Robert Ransom
Attachment:
signature.asc
Description: PGP signature