[ros-kernel] User Security
Jonathan Wilson
jonwil at tpgi.com.au
Fri Sep 3 20:45:51 CEST 2004
> You won't gain any security by such a warning because the use must know
> whether a file is ok or contains malicious code. Virus.dll is an obvious
> name but a malware writer with a decent IQ will obviously try to replace the
> original kernel32.dll by a hacked kernel32.dll. How do you want to protect
> the user from such an attempt? The answer is simple: No user can write to a
> system directory! Only the administrator is able to update system files.
Well what I meant is that the administrator could configure things so that
when <bad event> happens, one of the following gets shown:
1.an "are you sure" box
2.a request for the administrator password
or 3.nothing at all (i.e. silently fail the API in question)
There would be one option for the administrator and one option for "non
administrators".
So you could (if you wanted to) configure things such that the
administrator has to check an "are you sure" box and non administrators
must input the administrator password. Or make it that administrators need
to input the admin password and normal users get nothing at all. Or whatever.
A good default for "normal users" would be "input administrator password".
And for administrator would be either "input administrator password" or
"display are you sure" box.
This is not just for system file protection but for all events that are
considered bad (and also there should be a means for a
user/administrator/whatever to add specific files and registry keys to the
list if they have things they want to protect)
More information about the Ros-kernel
mailing list