On Sun, 2004-08-22 at 20:11, bipin gautam wrote: > Not really, I've discoverd a NTFS feature (BUG?). > well... If you have system/administrative privilages > in a disk.... you can read/modify a file even though > it has "EVERYONE: DENY" permission set. This is neither a feature nor a bug of NTFS because, as you have stated you are not using NTFS at all but reading from the disk directly, this always has been possible on any non-encrypted filesystem. the super user has direct hardware access on most OS's (Windows and Linux at least) so they can directly manipulate the hardware this is why things like custom TCP/IP stacks work, they override the OS's mechanisms, because the OS is designed to let you have that control. IMO if the super user could NOT bring back a file with those severely restricted permissions, then _that_ would be the bug as it would be a trivially exploited DoS attack. As for the ZA bug in particular, changing these permissions breaks ZA, the admin could fix it and bring it back, but it would still be a DoS and an effective ZA countermeasure for a virus. ZA, please fix this, the people on this list complaining about it are correct, it does pose a potential problem. -- Barrie Dempster (zeedo) - Fortiter et Strenue http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
Attachment:
signature.asc
Description: This is a digitally signed message part