Re: Bug: svnserve fail to detect it is already running

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: Fri, 09 Jul 2010 16:50:58 -0400

On Fri, 2010-07-09 at 12:45 -0400, Stefan Sperling wrote:
> It's the older Windows systems that will still have problems,
> and I don't think we should be ignoring them (as much as I'd love
> it if everyone just ditched Windows for good).

Is this really a concern on Windows systems? This is basically a
privilege escalation attack, and my understanding is that privilege
separation is rarely used to great effect on Windows servers like it
often is on Unix (such as web hosts).

Put another way: is there really a situation where malware is running on
the same Windows server as an svnserve process where security is not
already irretrievably compromised?
Received on 2010-07-09 22:52:14 CEST

This message: [ Message body ]
Next message: Julian Foad: "Re: CollabNet links in packages.html"
Previous message: Mark Phippard: "Re: CollabNet links in packages.html"
In reply to: Stefan Sperling: "Re: Bug: svnserve fail to detect it is already running"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]