reminds me of this raymond chen post https://blogs.msdn.microsoft.com/oldnewthin... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bryanrasmussen on Jan 15, 2019 \| parent \| context \| favorite \| on: 35-year-old vulnerability discovered in scp reminds me of this raymond chen post https://blogs.msdn.microsoft.com/oldnewthing/20121207-00/?p=... with the quote "It's not really a vulnerability that you can do anything you want once you pwn the machine."

Dylan16807 on Jan 16, 2019 | [–]

This is getting [partial] control of every machine that merely downloads a file from the one you took over.

bryanrasmussen on Jan 15, 2019 | [–]

of course, if Windows used a capability based security model then it would still be a vulnerability that you could do anything you want once you pwn the machine.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact