To: Bush2000
restricted accounts by defaultI don't get why this wasn't the way before. Why not turn on vulnerabilities instead of having to know all the doors to close?
sandboxed IE
Help me out a bit on this one. My (quite limited) understanding is that IE is the GUI or a required dll for the GUI, and that this one of the main reasons IE exploits have such damaging capability.
Anywhere near correct?
55 posted on
05/11/2005 3:35:07 PM PDT by
D-fendr
To: D-fendr
I don't get why this wasn't the way before. Why not turn on vulnerabilities instead of having to know all the doors to close?
Well, actually, Windows does support restricted accounts already. The difference is that MS will actually enforce the use of restricted accounts for users with OEMs.
Help me out a bit on this one. My (quite limited) understanding is that IE is the GUI or a required dll for the GUI, and that this one of the main reasons IE exploits have such damaging capability. Anywhere near correct?
IE is just an application. Sure, it's integrated into the OS. But the fact of the matter is that it's essentially just an app. From what the press reports say, MS will make IE run with reduced privileges, even if you happen to be logged in as Administrator (aka root). So, even if exploits occur, buffer overflows, hijacking the registry, and other kinds of attacks will not work due to restricted privileges.
59 posted on
05/12/2005 12:51:58 AM PDT by
Bush2000
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson