On Thu, 04 Nov 2004 08:39:35 -0800, Russ Johnson <[EMAIL PROTECTED]> wrote: > larry price wrote: > > >OK, linux, unix, BeOS, anything must be better than a system that allows this: > >http://www.theregister.co.uk/2004/11/04/phishing_exploit/ > > > >I mean, rewriting the hosts file from a browser exploit...? > >Shouldn't you a least need elevated privileges > >to access functionality that could bury you in the matrix like that... > > > > > > > One of the fundamental flaws with Windows is that most of the time, any > user logged on has administrator privileges.
That's not a flaw in Windows. That's a flaw in the system administrator, or in many applications vendors who still program in "Windows 95 One User For All" mode that require users to be administrators BTW, the perms for the hosts files on Windows XP are R for everyone and R/W for only the Adminsitrators group, which Russ has mentioned, many/most users are admins on their local machine. /jgw _______________________________________________ EUGLUG mailing list [EMAIL PROTECTED] http://www.euglug.org/mailman/listinfo/euglug
