From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexander Viro <viro@math.psu.edu>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] security of inferno os [ptr]
In-Reply-To: <vi4vgdd7ys7.fsf@blue.cs.yorku.ca>
Message-ID: <Pine.GSO.4.21.0202050659050.16257-100000@weyl.math.psu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Date: Tue,  5 Feb 2002 07:27:01 -0500
Topicbox-Message-UUID: 4c55f202-eaca-11e9-9e20-41e7f4b1d025



On Tue, 5 Feb 2002, ozan s yigit wrote:

> 
> fyi: this is published in the last issue of 2600. 
> http://www.phrack.org/show.php?p=58&a=12

Ah, yes - "if you run it hosted under Windows and host is compromised,
it's very insecure" and it goes downwards from there.

Right there with "suppose attacker got enough priveleges to run arbitrary
code in kernel mode.  You know, the system can be fscked real hard
after that! We couldn't figure out how to achieve <trivial modification
of kernel behaviour>, but here's how to <several equally trivial ones>"
(two articles in the same issue).

Overall: "Looking for real vulnerabilities is tough - let's go shopping!"
Piss-poor...