Date: Tue, 6 Apr 1999 19:36:12 +0200 From: "Joachim Isaksson" <Joachim.Isaksson@sussie.interbizz.se> To: "Jeff Dalton" <jeff@aiai.ed.ac.uk>, <FreeBSD-java@FreeBSD.ORG> Subject: Re: Fwd: New Hole in Java 2 (fwd) Message-ID: <005201be8053$f71fcd50$8cbc2dc1@ibfs.com> References: <22035.199904061724@todday>
next in thread | previous in thread | raw e-mail | index | archive | help
> Is it really the case that the attacker can seize control of a Unix > machine (such as a PC running FreeBSD) and "do whatever he wants", > which seems to imply that he can become root? Or can he only do > whatever he wants provided it's something "nobody" is able to do? Being able to overwrite the stack frame will allow the attacker to obtain the rights of the user running the virtual machine. This may (depending on the security setup on your machine) allow the attacker to obtain root privileges if either the user running the JVM has root privileges or by use of other root access exploits that require the attacker to be logged in on the machine. /Joachim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-java" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005201be8053$f71fcd50$8cbc2dc1>