Subject: Re: Peachtree & Quickbooks block Linux server use
From: Mike N.

On Wed, 10 Jan 2007 19:09:52 -0500, "Geo." wrote:

> Pretty much any machine is a server anymore. Heck vista has terminal
> services, media player network sharing service, search, I mean what is so
> special about a server in this day and age?

A web server hosts potentially hostile users on the inside, who seek to escalate their privilege. In addition, the web server is constantly probed from the outside for misconfigurations in any app. Quite a contrast to the home media server which is NATted off of the internet.

>> I'd much rather run a local .NET app that allows external network access
>> rather than something developed in C++. The security model of .NET is a
>> pain for developers because it forces them to consider security, whether
>> they care about it or not. It's very much unlike PHP which encourages
>> unsafe constructs because they are the easiest way.
>
> As a hacker it's your job to get some executable code to run on the target.
> If the target can only execute a limited number of executable types then
> that job is tougher than if you let .NET increase the number of types of
> executable code that can run.

This is true - and raises the question of whether .NET 1.0 has any simple escalation of privilege exploits. But even if so, it's exponentially more difficult to silently execute a .NET download, much less run a .NET download that can access anything outside the security sandbox. But never say never - look at the stupid Java sandbox VM exploits.

> I'll agree with your statement regarding C++ or PHP if what you are saying
> is that it's harder to write bad code (I can't imagine it being easier), but
> I'll point out that writing code is not the job of the end users. So all
> that means to us is some day we may not have to look as hard for something
> that isn't full of holes. OTOH, shared functions that do get exploited could
> now allow a far larger collection of apps to be susceptible to the same
> exploit. So are we just exchanging lots of little problems for fewer big
> problems?

Re: Writing bad code - it's not that end users write code, but mostly poorly trained newbies operating under the whip of management and marketing to ship ASAP. If they get a result that looks close, it's ready to deploy. Never mind that the input is not checked, no consideration of overflow or nonsense input.

An exploitable shared function is a problem only if an app calls it. Furthermore, that function call would need to fall under the control of an external system or file. No worse than some of the C or Windows Run Time Library exploits of 3-4 years ago that affected many apps.

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SOURCE: echomail via fidonet.ozzmosis.com