On Sat, May 21, 2016 at 8:32 PM, Adam Borowski wrote:

> This looks wrong to me: a vast majority of machines these days have a single
> user, thus pwning root gives you little additional gain.

Getting further into a system (user -> root -> GRUB -> MBR -> boot firmware -> peripheral firmware) gives a successful attack much more persistence. This is why the TLAs go as deep as they can.

> So, for running untrusted code you should execute it solely in a special
> environment of some kind. And if you're not executing those binaries
> directly, what's the point in putting them into the standard paths?

No idea what anarcat's thoughts were but I can think of two reasons:

Prevents those binaries from being modified by the binaries themselves or other programs run by the user.

Makes integration with the rest of the system easier.

--
bye,
pabs

https://wiki.debian.org/PaulWise