What processes in a computer are vulnerable when opening a harmful file from the internet?
In: 3
Depending on what user you are and what permission levels you have, potentially all of the processes. Are you an admin / root, do you have selinux/seccomp/anti virus/…
Your question is comparable to, “if I get into a car accident, how bad would I be hurt?”
All of them.
Unlike on cell phones, there’s really nothing that restricts what a random application downloaded from the internet can do. The restrictions that exist are [unhelpful and not relevant](https://imgs.xkcd.com/comics/authorization.png) to most people.
So my ELI5 advice to downloading random suspicious stuff off the internet is “don’t”.
Technically you can protect yourself, but that takes special work and knowledge. A virtual machine, or something like a fully clean, unused for anything else laptop can be helpful. But it’s still possible to go wrong there quite easily.
Depending on what user you are and what permission levels you have, potentially all of the processes. Are you an admin / root, do you have selinux/seccomp/anti virus/…
Your question is comparable to, “if I get into a car accident, how bad would I be hurt?”
All of them.
Unlike on cell phones, there’s really nothing that restricts what a random application downloaded from the internet can do. The restrictions that exist are [unhelpful and not relevant](https://imgs.xkcd.com/comics/authorization.png) to most people.
So my ELI5 advice to downloading random suspicious stuff off the internet is “don’t”.
Technically you can protect yourself, but that takes special work and knowledge. A virtual machine, or something like a fully clean, unused for anything else laptop can be helpful. But it’s still possible to go wrong there quite easily.
If you run the program from non-admin user account – it can read and modify all your documents, change your desktop settings, spy on all programs run by the same user. But it cannot touch programs and files of other users. Deleting a user and creating a new one should wipe the program.
Admin accounts on Windows behave like a normal user – until the program asks for admin rights. That’s when User Account Control appears. If you click “Yes” – the program will gain access to your system: can modify almost any file, spy on any process, change any setting. Only few system files and processes are protected.
If the program asks to install a driver, and you agree – it gains unlimited access to your computer. It can even modify the BIOS (unless it is prevented by the motherboard), so even wiping all disks and reinstalling the system might not help to get rid of it.
If you run the program from non-admin user account – it can read and modify all your documents, change your desktop settings, spy on all programs run by the same user. But it cannot touch programs and files of other users. Deleting a user and creating a new one should wipe the program.
Admin accounts on Windows behave like a normal user – until the program asks for admin rights. That’s when User Account Control appears. If you click “Yes” – the program will gain access to your system: can modify almost any file, spy on any process, change any setting. Only few system files and processes are protected.
If the program asks to install a driver, and you agree – it gains unlimited access to your computer. It can even modify the BIOS (unless it is prevented by the motherboard), so even wiping all disks and reinstalling the system might not help to get rid of it.
Latest Answers