so, if the attacker can execute programs on the users machine, the game is lost ... this never made any sense to me , I don't get it
You seem to live in a world where every user "owns" its machine. While this is common at home, quite the opposite is true in business and educational environments. Lots of machines are managed by a few administrators, and the users have only limited privileges on the machines.
Some of the users want to have more control over their machines, but don't want to go the official way to get more privileges - for example, because the admins don't want a first-year student to gain root access on the university's fileservers.
So there are only two ways to gain root: Trick the admins into giving you root privileges, or find a bug that gives you root privileges. See https://en.wikipedia.org/wiki/Social_engineering_%28security%29 for the first way. The other way attacks programs that run with elevated privileges (cron jobs, set-uid programs), sometimes also the network or the physical security of the servers.
A program that predictably creates or deletes files in user-controllable directories while running with elevated privileges is a good target, as explained before. It becomes an even better target for an attack if the contents of the files can be influenced by the user.
Alexander
In reply to Re^6: pp --clean does not seem to work
by afoken
in thread pp --clean does not seem to work
by hellosarathy
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |