"If you compromise a process on windows, you've rooted the box"

Huh? NT, 2K, XP has a unix-alike model: you get the permissions it was running as, same as on unix.

"True, launching executable attachments in windows isn't a fault per-se of windows, but opening an e-mail message, or visiting a web site and having things done without user intervention is *their fault*."

Yeah, but that's the point of the article - this will likely happen on unix too. If you force people to write and deploy new software for linux desktops, they'll have the same incidences of exploitable bug - you're not gaining anything by moving them off Windows.

"The last time I checked, running an executable on unix from an attachment wasn't something that just happens. You have to save the file and then give it execute permission."

And for a few years Outlook has made you save files before you can run them, with big warnings too.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/190/23174#23174