Slashdot Mirror


User: toadlife

toadlife's activity in the archive.

Stories: 0
Comments: 2,343

Comments · 2,343

  1. Re:Ubuntu on Critical Flaw Found In Virtually All AV Software · · Score: 1

    It requires "SeImpersonatePrivilege", which is only granted by default to administrators and SYSTEM and the ASPNET account.

    From the link...

    While the issues are not critical in nature since impersonation rights are required, they allow to exploit services such as IIS 6, IIS 7, SQL Server, etc. in some specific scenarios.

    On the topic of horrible design flaws, X* has always allowed non-root users to capture keystrokes - something that, without an exploit, cannot be done in Windows NT.

    But then, you probably never use X* right?

  2. Re:Ubuntu on Critical Flaw Found In Virtually All AV Software · · Score: 1

    That certainly is possible, though the web server would need to be hosting a pretty popular website given the fact that infection rate per visitor is rarely near 100%. Pretty much all of the zombie Linux servers I've seen trying to log into my server via ssh have turned out to be Linux/Apache/Cpanel machines owned by reseller hosts. I think the appeal of Linux servers among bot herders is the ability to send out email directly. Many ISPs block SMTP outgoing due to the bot problem, so XP bots can't infect other machines by sending out infected email attachments.

  3. Re:Ubuntu on Critical Flaw Found In Virtually All AV Software · · Score: 1

    I googled it. It was a privilege escalation flaw and Microsoft patched it.

    So?

    The next time a privilege escalation vuln is discovered in the Linux kernel are you going to proclaim the linux kernel "horribly flawed" and swear it off?

  4. Re:Ubuntu on Critical Flaw Found In Virtually All AV Software · · Score: 3, Informative

    A program can't wait in the background and get root when someone types sudo.

    When password caching is turned on (like it is by default in Ubuntu) yes, it can.

  5. Re:Ubuntu on Critical Flaw Found In Virtually All AV Software · · Score: 1

    One critical server running linux is worth a lot more than 1000 XP desktop machines running solitaire.

    I think botnet operators would disagree.

  6. Re:And this is why... on The Desktop Security Battle May Be Lost · · Score: 1

    Linux/unix had the concept of su years before Microsoft thought of it; and it is a built in process to the operating system, not an afterthought.

    I don't see how it was an afterthought. "runas" was introduced in Win2k, but the ability to impersonate other users existed in previous versions of the NT kernel.

    Do you have a citation wrt your claims about rogue processes faking gksudo?

    Why would I need to cite anything? gksudo is not complicated. It's a graphical sudo wrapper which uses standard gtk dialogs. Why you would think a process couldn't fake it is beyond me.

    Windows systems can be attacked and compromised by code that injects into the windows kernel itself thru web browsers;

    ...if the browser process is running under the necessary privilege level. Otherwise, that cannot happen without a privilege escalation exploit.

    I haven't seen any creditable evidence yet that system processes in linux can be compromised the same way. Userland, certainly, although exploits such as that are still very rare; but that doesn't compromise the system.

    Where are you getting the idea that vulnerabilities in Linux userland programs are more rare than they are in Windows? There are tons of security updates every month for various *nix libraries and programs used in *unix OSs like Linux and BSD.

    In regards to exploiting the system, in the default implementations of sudo in distros like Ubuntu and Debian (and I assume others), the root password is cached for a period of time after the user inputs it. A rogue process running with the user's credentials could sit in the background and wait for the user to invoke sudo, after which it could launch sudo itself and gain root.

    Given desktop linux's obscurity, this is not really that big a threat, but it would surely be exploited if Linux had a sizable market share.

    The solution to this problem is to turn off sudo password caching, or do what I prefer and enable the root account and use su instead of sudo.

  7. Re:And this is why... on The Desktop Security Battle May Be Lost · · Score: 1

    You don't need gksudo unless you're actually doing something "administrative" like changing system wide settings or installing system wide software.

    Nor do you need UAC unless you're doing something administrative.

    No non administrative app should ever require root so if you didn't do something where you would otherwise expect to need gksudo you can just assume the prompt is fake.

    Of course. But Windows operates in an environment where millions of apps misbehave. This is the reality and so far all of the people who bash UAC are not living in the realm of reality. I'm still waiting for someone who thinks UAC sucks to propose a user-friendly alternative to UAC.

    The reason UAC needs to be so clever is that day to day tasks often cause it to activate and you need to be able to tell the difference.

    Day to day tasks - like what?? If you are talking about misbehaving programs that write to %programfiles%, then how the hell is UAC supposed to know that this is supposed to be a day to day task?

  8. Re:And this is why... on The Desktop Security Battle May Be Lost · · Score: 1

    UAC is light years ahead of the competition when it comes to being a nuisance.

    UAC is no more of a nuisance than gksudo or whatever mechanism OSX uses to elevate privileges.

    You're an idiot for even bringing it up.

    Do you have an actual argument, or are you just having a bad day?

  9. Re:This again? Really? on The Desktop Security Battle May Be Lost · · Score: 1

    Stop digging.

  10. Re:This again? Really? on The Desktop Security Battle May Be Lost · · Score: 1

    These are simple 50-line executables that allow you to escalate any process you want with a few clicks.

    [citation needed] (bullshit)

    Exchange, SQL, IIS

    All have decent security records in the last several years. SQL server in particular has been almost bulletproof since SQL 2005.

    A friend of mine has an iMac from 2001 running the latest OSX. And it runs amazingly well

    I recently helped an old lady I know with her printer. She had an iMac from 2001 running some old version of OSX and it was one of the slowest machines I had ever worked with. It reminded me of the time I loaded Windows 95 on a 486 with 8 Megs of RAM.

  11. Re:And this is why... on The Desktop Security Battle May Be Lost · · Score: 2, Insightful

    malware writers don't care one bit about administrator/root access. All they want is computers' resources.

    And on a side note, UAC is light years ahead of its Linux equivalent, gksudo, which can be easily faked by a rogue process and in combination with cached credentials (see: Ubuntu) will give up root permissions to any rogue process that wants them.

  12. Who cares. Ubuntu won't last that long. on Next Ubuntu Linux To Be a Maverick · · Score: 0

    Ubuntu is the new Mandrake. Like Mandrake, it will eventually lose favor with the deniers who believe that Linux can be a viable desktop for the masses, and some other Distro with the exact same deficiencies (e.g. Linux being under the hood) that Ubuntu has and Mandrake had will take its place. Wash, rinse, repeat and all the while, Microsoft and Apple will continue to duke it out over the 98.5% of desktops that don't run Linux.

  13. Well, you know what they say.... on Church Turns To Facebook To Find Priests · · Score: 2, Funny

    ..."Abstinence makes the church grow fondlers!"

  14. Re:Obvious. on Recourse For Draconian Encryption Requirements? · · Score: 1

    This.

    (Sorry, I had to)

  15. completely off-topic on Terry Childs Found Guilty · · Score: 0, Offtopic

    I noticed your sig.

    Have you noticed that all of twitter's sockpuppet accounts have suddenly gone dead?

    Do you think our beloved troll died?

  16. Re:Review compares HTC to beautiful yet hollow wom on Review of HTC Desire As Alternative To iPhone · · Score: 1

    That's pretty funny. I have a WinMo phone and my wife has the HD2. I've seen some of those issues the review talks about. The thing about Windows Mobile phones is that they are basically tiny PCs, and that's the best and worst thing about Windows Mobile.

  17. Re:Self-inflictied injury on Confessions of a SysAdmin · · Score: 1

    Most places I've gone to with Windows infrastructures have lots of problems too. Invariably, those problems are due to the competence level of the people in charge.

    As a general rule, the same IT people that can badly manage Windows machines can't manage UNIX machines at all.

    I don't buy into the 'bitrot' myth. The only thing I can think of that would slow a machine over time is disk fragmentation and even in machines that were out in the field for several years I haven't seen that much fragmentation.

    The one thing that I could see as causing 'bitrot' is Anti Virus software, which almost invariably slows machines down at times.

    As for spending more on hardware, I've seen that too. I think the overspending may be a psychological phenomenon where they are overcompensating for their feelings of inadequacy.

    I know that might sound funny, but tech executives of 100% Windows shops tend to be afraid of UNIX. I know my bosses are.

  18. Re:Yawn, this technology has been around for 60 ye on Arizona Trialing System That Lets Utility System Control Home A/Cs · · Score: 3, Funny

    The next day, nobody goes to work as they haven't got enough battery power in their cars.

    Which would save even MORE energy!

    Brilliant!

  19. Re:Self-inflictied injury on Confessions of a SysAdmin · · Score: 1

    Their PCs don't suffer from bit-rot that degrades performance in a matter of weeks. And the IT team actually has time to deal with real issues, like making our internal processes flow more smoothly.

    Our Windows PCs and domain don't suffer from these boogie men. Maybe you were doing it wrong.

  20. Re:Self-inflictied injury on Confessions of a SysAdmin · · Score: 0

    He even takes time out to say how good OSX and Linux's package management is compared to Windows...

    By that I can tell that he doesn't have much experience with Linux package management.

  21. This only affects computers... on McAfee Retracts Lowball Bug Damage Estimate · · Score: 1

    ..if a certain option, "Scan Process on Enable", was turned on. That option is disabled by default. We run XPSP3 and McAfee 8.7i and machines loaded the bad DAT but we were unaffected because when I configured the policy for VirusScan in EPO I did not turn the "Scan Process on Enable" option on.

  22. I've got your DPIs right here! on HDTV Has Ruined the LCD Market · · Score: 2, Informative

    They're on the screen of my HTC Touch Pro 2 (259 DPI), and other smart phones like the Nexus One (252 DPI).

  23. Re:For a program so hard to turn off on McAfee Kills SVCHost.exe, Sets Off Reboot Loops For Win XP, Win 2000 · · Score: 1

    Yeah, and "LOCALSYSTEMkit" doesn't exactly roll off the tongue.

  24. Re:More likely, on 3rd Grader Accused of Hacking Schools' Computer System · · Score: 1

    anything I should be looking out for or worrying about as a prospective teacher if I am ever to be on the "user" end of any Blackboard software?

    Be ready for tons of annoying bugs that are not showstoppers, but can disrupt workflow and require workarounds. Prepare to live with those bugs for long periods of time as the average time from problem report to a fix can be many, many months, and fixes usually only come in the form of version upgrades, so even if there is a fix, it may be in the new version which your school doesn't want to install.

    When those bugs finally do get fixed, remember them, because they are liable to come back in future versions. We've seen bugs disappear and reappear in later versions many times.

    Also, prepare for browser compatibility nightmares. Right now, the latest version of Blackboard makes heavy use of AJAX and has minor problems with all versions of Internet Explorer, which is a big headache since most schools standardize on IE. I had to push out custom settings to all of our computers after we rolled out the new version of Blackboard.

    Also, get ready for random failures, for which your IT department or Blackboard will have no explanation, since Tomcat puts out no useful logs. One of the failures that is known to happen is test sessions freezing. This causes students who are taking tests to get locked out and all of the questions they have yet to answer marked as wrong.

    I would recommend joining a Blackboard user group or listserv such as the one hosted by Arizona State. You'll get more help from other users than from Blackboard, as Blackboard's support is and has always been horrid.

    Finally, I would recommend joining whatever committee that made the decision to buy Blackboard and advocate that your school switch to Moodle, or Desire2learn.

  25. Re:More likely, on 3rd Grader Accused of Hacking Schools' Computer System · · Score: 1

    You are right on #1 and #2.

    As for #3, I did not expect that!

    I could have gone on further about why I dislike Blackboard (both the software and the company, which is a patent troll). I was just responding to the GP whose facts about Blackboard's architecture were way off.