UNIX admin wrote:
Since this is Solaris, how would you compromise a browser?
Surely you jest? Just wait for a buffer overflow attack against the browser, for example http://www.mozilla.org/security/announce/2006/mfsa2006-44.html. It's not as if Mozilla/Firefox have never had security problems.
Also, to execute this software keylogger, it would still have to go through normal mechanisms to automatically start every time you log in - .profile, .login or .cshrc, places where such things are very easily spottable.
And how many people check .profile/,cshrc regularly to make sure nobody has modified these files? More likely, most existing users only look at these files very infrequently whenever the files are edited, so the fact that any hack is in plain view does not help you if you're not looking. Similarly for many people if an attack drops a compromised version of a system command in ~/bin.
Hugh. _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
