LINUX.IE, website of the Irish Linux Users' Group

[ILUG] Porting MyDoom to Linux


Chris Higgins chris.higgins at darach.ie
Wed Feb 4 13:56:24 GMT 2004


On Wed, 4 Feb 2004 13:27:45 +0000
kevin lyda <kevin+dated+1076333269.dc57a9 at ie.suberic.net> wrote:

> but for the most part there *is* a difference between opening and
> running.

True - but only because we see the difference between data to be
interpreted as a program, and data to be interpreted by a program.

How many people understand and can make that distinction?

>           if you have an mua you've already accepted the idea of
> passing untrusted data to a program.

Yup.

>                                       executing untrusted code is a
> step beyond that.

Why? Unless by saying 'executing' you mean 'intentionally executing',
in which case I agree completely, and we're back to needing
social engineering to get the user to 'execute' the code. However,
as I hope I made clear - that doesn't necessarily require the
"extract, chmod +x, run" sequence for success.

If it's PostScript, then 'viewing' amounts to 'executing untrusted code'.


>                    any helpers that do the former are within the level
> of risk you've accepted, any that do the latter are beyond that level
> of accepted risk.

So .sx? / .doc / .pdf / .ps / flash are 'beyond' because they contain code, 
but jpeg/gif etc are 'within' because they don't ?

That kinda puts most of the useful attachments into the 'beyond' camp
(if I understand your inside/outside boundary)

> 
> kevin
> 
> -- 
> kevin at ie.suberic.net ....... financial math: if bill gates & 10,000
> homeless http://ie.suberic.net/~kevin/cgi-bin/blog .. guys are in a
> room, the average net worth of each of them is over $1,000,000.  now,
> why do you care what the average bush tax "cut" was again? ...........
> http://www.deanforamerica.com/
> 


--

Chris Higgins                              Cisco Learning Partner
Darach Technology Ltd                      tel: +353-1-6204370
email: chris.higgins at darach.ie          fax: +353-1-6204371
http://www.darach.ie
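
The within/beyond boundary discussed in this message can be checked mechanically on the receiving side. The following is an added example, not part of the original post: it walks a message's attachments, identifies each by its leading bytes rather than by the declared type or filename, and flags an attachment declared as an image whose content is one of the formats the thread lists as containing code. The names `MAGIC`, `sniff`, `triage` and `build_sample` are hypothetical, and the sample message is constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Formats named in the thread, keyed by leading magic bytes. "active" = the
# thread's "contains code" group; "passive" = plain image data (jpeg/gif).
MAGIC = [
    (b"%!PS", "postscript", "active"),
    (b"%PDF-", "pdf", "active"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2 (.doc)", "active"),
    (b"PK\x03\x04", "zip container (.sx?)", "active"),
    (b"FWS", "flash", "active"),
    (b"CWS", "flash (compressed)", "active"),
    (b"\xff\xd8\xff", "jpeg", "passive"),
    (b"GIF87a", "gif", "passive"),
    (b"GIF89a", "gif", "passive"),
]

def sniff(data):
    for magic, name, kind in MAGIC:
        if data.startswith(magic):
            return name, kind
    return "unknown", "active"  # assumption: unrecognised content gets the riskier class

def triage(raw):
    """One (filename, declared type, sniffed format, class, mismatch) row per attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    rows = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name, kind = sniff(data)
        declared = part.get_content_type()
        # Declared as an image, but the bytes are a code-carrying format.
        mismatch = declared.startswith("image/") and kind == "active"
        rows.append((part.get_filename(), declared, name, kind, mismatch))
    return rows

def build_sample():
    """Constructed message: a real JPEG header, PostScript labelled as JPEG, and a PDF."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("see attached")
    m.add_attachment(b"\xff\xd8\xff\xe0" + b"\0" * 16, maintype="image", subtype="jpeg", filename="photo.jpg")
    m.add_attachment(b"%!PS-Adobe-3.0\n% constructed\n", maintype="image", subtype="jpeg", filename="holiday.jpg")
    m.add_attachment(b"%PDF-1.4\n% constructed\n", maintype="application", subtype="pdf", filename="report.pdf")
    return m.as_bytes()
```
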


