Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » MVP Summit: Friday notes
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
free anti-trojan? »
« help getting rid of pokapoka70.exe  
AuthorAll Replies

Tuulilapsi
Kenosis

join:2002-07-29
Finland

 reply to Steve
Re: Security Features in IE7

said by Steve See Profile :

Protected Mode - "User Account Protection" (run with least privilege) has been the case with Unix for years, but it only protects the *machine*, not *your account*. Malware can easily trash your login settings.

IE7 extends this even more: the main goal of the browser is to render content, and if we can (say) remove access to the filesystem other than temporary internet file

Writes to the user's profile will be automatically redirected to a subdirectory of Temporary Internet Files: this virtualizes the settings, and it applies to things like a Quicktime plugin. No way to delete My Documents from a bogus plugin.

They do allow exceptions (say, saving a Word Template to your templates directory), but it prompts the user. This is handled by brokers that do the elevated-priv stuff, and it guards access carefully.

There is a whole Integrity Control layer that sits between IE and the system, and it looks really well thought out - it's very comprehensive.
Now this sounds interesting, and promising.

Thank you for posting this. Very, very interesting stuff.
--
And lead me not into temptation - for I can find my way there myself easily enough.
to forum · permalink · · 2005-09-30 14:47:40 · Reply to this

psloss
Premium
join:2002-02-24
Alpharetta, GA
said by Tuulilapsi See Profile :

Now this sounds interesting, and promising.

Thank you for posting this. Very, very interesting stuff.
It is...in case anyone is interested in more overview words, here are several online:
»msdn.microsoft.com/library/en-us···ista.asp
--
Feedback? e-mail: stuff@lupwa.org
to forum · permalink · · 2005-09-30 18:24:21 · Reply to this
Forums » Up and Running » Security » Securityfree anti-trojan? »
« help getting rid of pokapoka70.exe  

Friday, 27-Nov 21:51:34 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [121] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [95] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [70] TiVo Sees Record Customer Losses
· [68] In-Flight Internet Headed For Bumpy Landing?
· [63] Verizon CEO: Hulu Will Be Dead Soon
· [60] Thanksgiving Open Thread
· [38] EFF Wages War On Fine Print
· [38] ICANN Slams DNS Redirection
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· 5 hour energy for diabetic [General Questions]
· So we need a legitimate reason to use a lot of bandwidth? [TekSavvy]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]
· [WIN7] Let's See Your Win 7 Desktop [Microsoft Help]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· IPComms Free DIDs now with sip registration maybe?? [VOIP Tech Chat]
· Only firefox accesses Internet? [Security]