longzheng said:AndyC said:*snip*I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.
longzheng said:AndyC, are process privileges security boundaries?
I'm not entirely clear on what you mean. Are you talking about NT privileges, such as seDebugPrivilege? Or something else?
longzheng said:I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.
I agree. Which is why I recommend avoiding describing the issue in terms of words like vulnerability, because it muddies the issue.
