CarlosRivera writes:

> If the data in one process can't access the data in another process, 
> then that provides more protection.

The utility of that from a security standpoint depends entirely on what
type of access is allowed or disallowed, and how the processes are used,
and who owns them, and a dozen other factors.

In most operating systems, when one process creates another, it inherits
the same privileges, so running two processes doesn't gain anything.
You can downgrade privileges in most cases, but you can't usually
upgrade them, and often the privileges that are checked and restricted
by the operating system have nothing to do with the way that the malware
operates, so they don't protect anything, anyway.

--
Anthony


_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security

Reply via email to