At 12:51 PM 11/16/96 -0800, John Fricker wrote:

In WinNT a program may impersonate a user such as Guest. Also, trojan horses are ineffective in NT as typical users do not have write permission to system binaries.

I assume that administrators only run programs from trusted libraries and do not include their current directory in their path. They never run programs that aren't directly related to systems administration etc. etc. etc. The typical Trojan horest sits around until someone with the proper authority runs it. That is not the way NT is used at one large commercial operation I am somewhat familar with. (I'm being obscure to protect the guilty.) I think there are very few NT (or Unix) systems which are administrated with a safe level of paranoia. I would like to see more compartmentalization in the system. (Note that even if it only runs with a user's privileges, a Trojan horse will have no problem stealing e.g. that user's PGP secret key ring. Not everything of value is in system files. Question, can a user-level Trojan horse insert itself as a keyboard monitor and get the PGP pass phrase as well?) ------------------------------------------------------------------------- Bill Frantz | The lottery is a tax on | Periwinkle -- Consulting (408)356-8506 | those who can't do math. | 16345 Englewood Ave. frantz@netcom.com | - Who 1st said this? | Los Gatos, CA 95032, USA