[cap-talk] Capabilities - the rub, an account
smagi at higherlogics.com
Sat Nov 18 13:22:21 CST 2006
Jed at Webstart wrote:
> The most important factor in this area I think is that any
> proxying disappears when the active process doing the
> proxying goes away - as it inevitably does in many cases
> (often at a logout, a kill, but certainly when a system restarts
> in today's systems).
Mallware, adware, etc. can install themselves as startup/boot services.
> Another factor I believe is that such proxying doesn't seem
> to be a practical problem from the security viewpoint. Others
> can correct me, but I don't know of any instances of script
> kitties or the like installing proxy access. I think part of the
> reason they don't is that such access isn't permanent enough
> to suit their needs (see above about the limited lifetime of
I think proxy access isn't used because it isn't necessary yet; far too
many easier exploits are still available. I mean, why go through all
script? Proxying will become more viable with increased security.
More information about the cap-talk