From: Gregg N 

This is a multi-part message in MIME format.
--------------080902080602010607080900
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Robert Comer wrote:
>> why in the world would you consider
>> this more secure than running as admin?
>>
>
> Because he can't change the system. No virsus and such, he can only attack
> the attack the data.
>

That's not true; virus could still be installed and set to start
automatically. It would just have to reside somewhere the current user has
write access, such as his profile, and start via a per-user mechanism.
True, current viruses probably assume they have root access, but it is not
required. The main thing is the scope of damage they can inflict, not
whether they can still exist. Of course, there have also been privilege
escalation vulnerabilities that could be exploited that would give them
root access.

Gregg


--------------080902080602010607080900
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit




  


Robert Comer wrote:

  
    why in the world would you consider
this more secure than running as admin?
    
  
  
Because he can't change the system. No virsus and such, he can only attack
the attack the data.
  


That's not true; virus could still be installed and set to start
automatically. It would just have to reside somewhere the current user has
write access, such as his profile, and start via a per-user mechanism.
True, current viruses probably assume they have root access, but it is not
required. The main thing is the scope of damage they can inflict, not
whether they can still exist. Of course, there have also been privilege
escalation vulnerabilities that could be exploited that would give them
root access.

Gregg




--------------080902080602010607080900--

--- BBBS/NT v4.01 Flag-5