Thread: Idea: N900 security update (openssl, browser etc)
View Single Post
Xagoln is offline Xagoln
2016-09-17 , 00:54
Posts: 262 | Thanked: 315 times | Joined on Jun 2010
#33
Originally Posted by wicket View Post
Both programs that MicroB is comprised of (browser and browserd), run as the user user. For the two points above to be possible, a vulnerability would need to be exploited in the kernel or some other software. This may be possible indirectly through some other MircoB exploit, otherwise MicroB itself is completely safe from these.
If arbitrary code execution was possible, even as the user user from MicroB, yes, you're correct that they wouldn't be able to encrypt your files at the filesystem level, but wouldn't they still be able to delete/encrypt/corrupt/copy them on an individual basis?
 

The Following 3 Users Say Thank You to Xagoln For This Useful Post: