Date: Tue, 6 Apr 1999 13:07:41 -0600 From: Nate Williams <nate@mt.sri.com> To: Jeff Dalton <jeff@aiai.ed.ac.uk> Cc: FreeBSD-java@FreeBSD.ORG Subject: Re: Fwd: New Hole in Java 2 (fwd) Message-ID: <199904061907.NAA17158@mt.sri.com> In-Reply-To: <22035.199904061724@todday> References: <22035.199904061724@todday>
next in thread | previous in thread | raw e-mail | index | archive | help
> > The flaw allows an attacker to create a booby-trapped Web
> > page, so that when a victim views the page, the attacker seizes
> > control of the victim's machine and can do whatever he wants,
> > including reading and deleting files, and snooping on any data and
> > activities on the victim's machine.
>
> Is it really the case that the attacker can seize control of a Unix
> machine (such as a PC running FreeBSD) and "do whatever he wants",
> which seems to imply that he can become root? Or can he only do
> whatever he wants provided it's something "nobody" is able to do?
The attacker has the same ability as the user running the applet,
whatever it may be. This includes reading files, writing files, etc..
However, unless that user is *root* getting root is difficult.
Basically, the account running the applet has been compromised, but the
machine has not been (yet).
Example:
applet_main() {
getprivs();
append("~/.rhosts", "user@bad.domain");
...
}
Nate
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-java" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904061907.NAA17158>