Even if it ran with my local privileges, that isn't something that I would want/expect my browser to be able to do.
Ed, I take it you hadn't changed any of the default security settings to prevent such an occurrence, right? I'm also at a loss as to how it automatically executed. --Matt On Sat, Dec 12, 2009 at 1:48 PM, <da...@lang.hm> wrote: > On Sat, 12 Dec 2009, Edward Ned Harvey wrote: > > >> So, you go to a web page, click "Download", then click "Install"; and > >> you are surprised that it downloads and installs? > > > > Yes. And it's not stupid, and I don't need the mocking. > > > > Regardless of what text they write in the HTML button, they could write > "Blow up the world" and I would expect that button would be unable to blow > up the world. > > > > In the HTML form, you click "Download and Install" and then the > executable is launched in your OS. I thought the browser should not allow > such a thing to happen. > > > > If Google is able to launch an EXE on your computer, with admin privs, > just by clicking a harmless looking button inside a webpage, bypassing all > the usual "This webpage is trying to run a program" security dialogs, > bypassing the usual "This website is trying to download a file" confirmation > and security and download dialogs ... > > are you sure that it ran with admin privs and didn't just use your normal > ones? > > David Lang > > > How do they do it? Do malicious people use the same techniques to launch > malicious programs upon unsuspecting users? > > > > What if they had made a pop-up, paid advertisement on some site, and made > the "OK" button launch malware? What if they made the "Cancel" button > launch malware? > > > > I thought the browser provided more security than that. > > > > > > _______________________________________________ > > Discuss mailing list > > Discuss@lopsa.org > > http://lopsa.org/cgi-bin/mailman/listinfo/discuss > > This list provided by the League of Professional System Administrators > > http://lopsa.org/ > > > _______________________________________________ > Discuss mailing list > Discuss@lopsa.org > http://lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > -- LITTLE GIRL: But which cookie will you eat FIRST? COOKIE MONSTER: Me think you have misconception of cookie-eating process.
_______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
