vulnerabilities in snapshots?

Discussion in 'FirstDefense-ISR Forum' started by beethoven, Mar 5, 2008.

Thread Status:
Not open for further replies.
  1. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    Many programs need to be updated to avoid security vulnerabilities. As far as I understand these vulnerabilities can be exploited (in some cases) even if the program is not run anymore. E.g Java is constantly updated due to a number of issues (including many security issues) and as the old versions are not automatically removed, the advice is to remove these manually via add/remove.

    I am wondering if any unpatched software in backup snapshots could "theoretically" be exploited? If I were to boot in these snapshots, of course I could update and patch whatever needs attention but what about those slumbering snapshots for the potential emergency?
     
  2. Chris12923

    Chris12923 Registered Member

    Joined:
    May 31, 2004
    Posts:
    1,097
    if you are working in one snapshot I'm pretty sure that another snapshot that you are not using currently could not be exploited the way you described.

    Thanks,

    Chris
     
  3. SourMilk

    SourMilk Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    630
    Location:
    Hawaii
    It would be good to keep external archives. :shifty:

    SourMilk out
     
  4. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    external archives are a great feature but that's not the issue. I do keep a few easily accessible snapshots on my drive for immediate boot-up and if something stored in there could be exploited, then that would be an issue from a security point of view.
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,043

    In theory, malware, could copy something to one of the other snapshot, by adjusting it's rights. But first it has to identify that FDISR is on the machine, and secondly be able to adjust it's rights, and do a copy. One of the reasons, I run my browsers at lower rights.

    Pete
     
Thread Status:
Not open for further replies.