Quote:
Originally Posted by tlgerdes
Andrew, that's not full effective either. With frameworks like Java, Flash and HTML5 your device must download code from a source ie website. If your source gets compromised then you will receive the exploit. These exploits usually perform buffer offerflows and the like, inserting themselves into your computer with credentials above that of an administrator and could probably insert itself into your whitelist as a valid program.
|
Trevor, there is only one way to make a computer safe. Turn it off, crush the storage media, fill it with concrete, and use it for a boat anchor.
The whitelist must not be user writable.
No-one should ever be doing anything as administrator if they can avoid it. Installing and configuring programs (from a secure location and with valid not self-signed cryptographic signatures) is the best example of what they should be allowed. Also the user running an app should not have write access to anything other than data.