Roy Schestowitz wrote:
> Program Names govern admin rights in Vista
>
> ,----[ Quote ]
> | "This is a little bit silly: just name the installer something
> | else, and Vista lets it through," Chess said. He added that
> | although the feature is imperfect and inconvenient, it's
> | "better than nothing".
> `----
>
> http://www.theregister.co.uk/2007/04/23/vista_program_naming_oddness/
>
> Workarounds, hacks, and some loose 'security' bolted in on top. How about
> rebuilding the operating system? This is just as lame as managing
> execution/handling privileges based on file extensions (filenames).
So, if every virus names inself install.exe then it can infect Vista without
throwing up any kind of wobbly. I wonder if the anti-virus/security people
have also been told to ignore these files.
So what other files are likely to be automatically taken to admin level,
can't help thinking they must be some, what sort of files does MS use to
instruct the system to do an update? Go on, tell me it's some kind of
visual basic script file.
Seems a bit like the linux world saying that anything with a configure or
make file can do as it likes without the need to ask the user's permission.
I hear MS's new anti-hack device is receiving rave reviews, I only wish
Linux had thought of it first because it looks like we'll have to take a
back seat to MS in the security arena now, it's a sticker that you put on
the front of your computer that says 'beware of the dog'.
|
|