Privilege Escalation Vulnerabilities and the Value of Restricted Accounts

Discussion in 'other security issues & news' started by Dogbiscuit, Nov 12, 2007.

Thread Status:
Not open for further replies.
  1. Dogbiscuit

    Dogbiscuit Guest

    Found these links on another forum:

    Windows Privilege Escalation Vulnerability...
    Windows
    This Windows-based exploit has been seen in the wild...
    Windows
    Not just Windows...
    Linux
    Even the very secure...
    OpenBSD

    A poster there claims the following:
    Seeing that privilege escalation vulnerabilities are quite common among all operating systems (not just Windows), and that it looks to be easy, maybe very easy to get root on linux systems if an attacker is already in a user account, and that linux is supposedly more secure by design than XP or even Vista:

    How valuable are restricted accounts against malicious attacks?
     
    Last edited by a moderator: Nov 12, 2007
    Dogbiscuit, Nov 12, 2007
    #1
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,606
    Location:
    The Netherlands
    It´s just another layer, but apparently it´s very hard to write bugfree code, so no surprise that all these things can be bypassed. Same goes for HIPS, but then again, the chances that certain security restrictions will be bypassed is not that big, I think.
     
    Rasheed187, Nov 14, 2007
    #2
  3. Dogbiscuit

    Dogbiscuit Guest

    And one that doesn't slow down performance at all.

    An engineering management proverb (pointing out that resources are finite) goes: good, fast, cheap - choose two.

    Maybe home users want "cheap" and "fast", though we often say we want otherwise.

    Is it because of obscurity that malware writers don't usually even try to bypass these (few at home use either HIPS or restricted accounts w/XP), or is it because of something else?

    The HIPS comparison raises another question: between the two, is one any more secure than the other?

    For instance, if the human element is considered, would a restricted account be safer? If the human element is not an issue, would a HIPS be safer, given that a (the?) major security weakness of HIPS is buffer overflow vulnerabilities, and that these can probably be avoided more easily with better programming practices than privilege escalation vulnerabilities can?
     
    Last edited by a moderator: Nov 14, 2007
    Dogbiscuit, Nov 14, 2007
    #3
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,229
    Hello,
    Those nix vulnerabilities refer to very old versions of kernels. Nothing but a simple update so easily available to fix things out. Current RH is 5 and BSD stands at 4.2, if I'm not mistaken.

    RH 4 was released in Feb 2005! That's more than 2 years ... almost 3. So I would not really sweat ... considering that the most up to date Windows XP kernel has on average 3-4 vulnerabilities every month.

    Mrk
     
    Mrkvonic, Nov 16, 2007
    #4
  5. Dogbiscuit

    Dogbiscuit Guest

    I see what you're saying. I keep in mind that those 3-4 vulnerabilities per month are for all types of vulnerabilities, if I'm not mistaken.
     
    Last edited by a moderator: Nov 20, 2007
    Dogbiscuit, Nov 19, 2007
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...