Everyone group Full Control of HOSTS file

Everyone group Full Control of HOSTS file

Am in the process of documenting how to install a new remote access solution across (our granted somewhat small) user base. During the install of the client on XP the program asks to be given access to the hosts file. This is fine by me so far. The trouble is that it does not just grant it to an administrator or single user but the Group\Everyone. Upon a reboot I ran an Effective Permissions test on the hosts file for the Guest account and low and behold it now has Full control of the hosts file.

Asked by: Guest | Views: 184

Total answers/comments: 1

Comments display order:

Guest [Entry]

"I would be worried. You are now giving permission for anything to change DNS. Why is this worrisome?

When Windows connects to Microsoft, it will do name lookups via the update server. How does it find that? Via name lookups. Windows will then run any code retrieved from this server. I don't know what kind of security checks Windows runs on them, so this might be negated.
When you go shopping, you connect to a server. What happens if both the server and the certificate server are both redirected to servers of an attacker's choosing? I don't know how the certificates work, so this also might be negated.

But even if both of those are negated, then what happens if the attacker can entice the user into bypassing security checks?"