|
The threats to our products April 1, 1999 By Loren Kohnfelder and Praerit Garg
|
| bet | 14/15 | | Sana | 30.03.2021 | | Hajmi | 58.92 Kb. | | #13786 |
Rogue administrator is another variation of privilege misuse attack. With all our products, an administrator typically has godlike powers, and when the administrator turns rogue, there is very little we can do to protect the system from utter compromise and destruction. However, more often the attack is unintentional because the administrator is doing non-administrative operations like browsing the Web with administrative privileges.
Trust abuse is another attack in this category. Trust abuse is the kind of attack where a software product from a trusted source, such as Microsoft, intentionally or unintentionally violates the user's privacy requirements. An example of trust abuse is if a piece of code sends a user's profile information back to the vendor without the user's confirmation.
Technologies like Restricted Tokens and RunAs in Windows 2000 attempt to address these issues at different levels, but a security-conscious customer must still play a part by setting proper policies and procedures to prevent non-administrative operations, such as browsing the Internet, when logged on using accounts with administrative privileges. Because of the potential impact of such issues, each of our products should clearly identify during proactive security reviews whether this is addressed or not.
|
| |
