From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from home.rdsnet.ro ([193.231.236.40] helo=relay1.home.ro) by speech.braille.uwo.ca with smtp (Exim 3.35 #1 (Debian)) id 17EKhJ-0003EC-00 for ; Sat, 01 Jun 2002 22:02:21 -0400 Received: (qmail 30363 invoked from network); 2 Jun 2002 02:02:23 -0000 Received: from unknown (HELO smtp) (213.233.103.80) by s1.home.ro with SMTP; 2 Jun 2002 02:02:23 -0000 Message-ID: <001201c209d9$cfecefc0$5067e9d5@microsoft.com> From: "Octavian Rasnita" To: References: <001a01c2090d$037af5d0$ac67e9d5@microsoft.com> <000e01c20911$a10a5c60$ab00a8c0@ec.rr.com> Subject: Re: Amazingly dumb remark about Linux Date: Sat, 1 Jun 2002 05:58:40 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: speakup-admin@braille.uwo.ca Errors-To: speakup-admin@braille.uwo.ca X-BeenThere: speakup@braille.uwo.ca X-Mailman-Version: 2.0.9 Precedence: bulk Reply-To: speakup@braille.uwo.ca List-Help: List-Post: List-Subscribe: , List-Id: Speakup is a screen review system for Linux. List-Unsubscribe: , List-Archive: Maybe, I don't know, I am not an expert in security, but take a look at www.astalavista.com and you will see more links about how to "Crack Linux" Teddy, orasnita@home.ro ----- Original Message ----- From: "Cecil H. Whitley" To: Sent: Saturday, June 01, 2002 5:11 AM Subject: Re: Amazingly dumb remark about Linux > Hi Teddy, > > > Do you know that there are security features for Windows also? > > I am not talking about Windows 9X systems, of course. > > I am using Windows 2000 and you can set an NTFS partition with more rights > > for each folder or file than under Linux. > > You can log in as another user with less rights to delete or edit files > and > > a virus will have the same rights like you, like in Linux. > I must disagree with this statement. There is a well-known vulnerability in > NT/2K that allows you to gain local admin priviledges by writing a specific > value to a specific memory location. It is fairly well documented and most > sites that deal with exploits for M.S. os's should be able to provide the > location and sample code to actually exploit the flaw. M.S. released a > patch, but it just shifted the memory location, which was found again. > Bottom line, as long as they use a memory flag that can be accessed by "user > space" programs (to use the unix/Linux term) they will continue to be > insecure against anything with "local" access. > Cecil > > > _______________________________________________ > Speakup mailing list > Speakup@braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup >