On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote: > On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote: > > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote: > Anyway, that's the whole point of an exploit -- providing some > _thing_, data or code, that causes a privilege escalation. It doesn't > have to be a helper running as root, just a helper that can be > exploited in some manner to get a root escalation. At least that's > what I understand.
Do the standard virus checkers (is it ClamAV?) find such problems before an exploit in mutt/helper is found or fixed? I never read email from X, always from a VT (or a vt520). If something comes in from someone I don't know and it contains an image, I delete it; if it contains html, I read it myself and if I'm really curious I'll open it with lynx when disconnected from the internet (I'm on dialup). Any other attachements from people I don't know get deleted too. If I get an unknown attachement from someone I do know, I'll send them a note saying "what is this?". I never read mail as root, it all gets redirected to me, dtutty. OTOH, dtutty is in lots of groups: ssh, adm, staff so something nasty could do some harm. Note that for surfing the net with javascript or flash, I use the user dtbrowser which is in no special groups and has nothing secret in /home/dtbrowser. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
