Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today
On Wednesday 28 January 2004 08:37, Dave Temkin wrote:
So? Had the virii been an application compiled for RedHat and everyone ran RedHat instead of Windows and they downloaded it using Evolution and double clicked on it, it would suddenly be RH's fault instead of MIcrosoft's?
If RedHat, by default had you running as root rather than an unprivledged user, it sure would be.
Most Windows boxes are running with administrative privledges. That makes Windows a willing accomplice. The issue isn't that people click on attachments, but that there are no built in safeguards from what happens next.
-- Robin Lynn Frank | Director of Operations | Paradigm-Omega, LLC Cry havoc, and let slip the dogs of war! Email acceptance policy: http://paradigm-omega.com/email_policy.php
You're the second person to say that and it's still wrong. The virii, once resident, opens a connection to port 25 on an open SMTP server, whether it be the user's ISP relay or local server. Sure, it can't install itself into /etc/init.d, but it sure can launch itself bg instead of fg and be running until the user either kills it or reboots the box. Also, for reference to other people - the preview pane does *not* allow the execution of attachments unless they're double-clicked on and acknowledged. Again - we're not talking about another OS or Outlook exploit, only a stupid user exploit. -- David Temkin
: Also, for reference to other people - the preview pane does *not* allow : the execution of attachments unless they're double-clicked on and : acknowledged. Again - we're not talking about another OS or Outlook : exploit, only a stupid user exploit. The "feature" has been fixed but it **did** at one point run apps. James Edwards Routing and Security Administrator jamesh@cybermesa.com At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday 505-988-9200 SIP:1(747)669-1965
participants (2)
-
Dave Temkin
-
james