On Tuesday, 29.07.03 at 17:20, lewis pusey wrote:
Howdy,
From your message I should not respond to you but since you asked,
Note that I asked on the fink-devel mailing list :-) I am CCing this
once again to that list. Please include fink-devel
<[EMAIL PROTECTED]> in your replies, too (you don't have
to be subscribed to the list to post on it).
The problem is that the Fink documentation is in a format that when selected launches your default browser.
Err, yes, it's "HTML". Of course. Just like a text file will launch your default text editor. Of course a web browser can do a lot more than a plain text viewer. But note that there is nothing special about our HTML files otherwise.
If you save that documentation and at some point uncompress the documentation again during a re-install you now have two copies of the documentation in different directories.
Yes. So... ? I am sorry I miss your point here and how this relates to the rest of what you write. Could you please elaborate?
If I understand you correctly, what you were getting at is that you think it's bad that Fink has HTML files in a fixed place... if that's indeed what you meant, I don't understand how having the docs twice, in *other* places, could cause any problems.
When online for extended periods FTPing files for Debian installations on FINK your location becomes known to hackers who are looking to exploit this always on line profile for the purpose of redirecting web traffic to porn sites. Port 6000 is open by default on Linux installations.
We are not talking about Linux here, though.
Web browsers may be hacked to contain spurious information while online without your actual box being hacked.
I ask you again: what exactly are you doing to get that effect? Do you view a specific file on your HD? If so, what is the path to it? Did you look at the file and check if it has been manipulated (maybe email us a copy of it for analysis). Are you really redirected, or is somebody spoofing you (i.e. making your machine believe a different IP belongs to the domain names); did you check your /etc/hosts file? etc.
I think the hack involves manipulating these vulnerabilities, I'm not a hacker so I can't really spell it out exactly.
What I do now is that once I re-install Fink and then try to access the documentation I am instead re-directed to a porn site.
My recommendation is not to have documentation in HTML format or to have embedded links within the Documentation.
We don't have any special stuff in our HTML. I don't see how the local links we use in it could be abused for anything, much less the external links to fink.sf.net... can you please point to a documentation for the issue you describe? I never heard of it. But in any case, there are more HTML files in *every OS X installation* in a fixed place, so that Fink has some, too, should be the least concern.
Hackers wouldn't really need access to your box other than the handle of your IP address, duplicate links, and an open port for this. Check out Cult of the Dead Cow, or Back Orifice to see examples of this. Caution, your Browser will be hijacked and your firewall and security should be high. Back Orifice is malicious as well as corrupt.
Back Orifice is installed on your computer. Essentially, if somebody manages to install BO on your machine, it's the same (well not quite, but for the sake of this let's keep it simple), as installing a rootkit on a unix machine - they now have potentially full control over your machine. Being redirected to porn sites will be your *least* problem at this point. I don't see how having HTML files in a fixed place can contribute to this, esp. plain HTML files as Fink's. But *if* there is some way to exploit that, Mr Cracker is much better advised to use the HTML files that are shipped in a fixed location with every OS X installation - because then he can attack *all* OS X systems, not just those which run Fink.
It seems strange to me that hackers would spend all that effort, just to redirect a few people to porn pages.
Cheers,
Max
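
Added example (not part of the original message and not Fink code): one way to run the two checks asked about above, namely whether /etc/hosts pins a domain name to an unexpected address and whether a local HTML file contains markup that sends the browser elsewhere. The function names, the set of addresses treated as benign, and the sample inputs are assumptions made for this illustration.

```python
import re
from html.parser import HTMLParser

# Addresses found in a stock hosts file; treated as benign (assumption).
DEFAULT_ADDRS = {"127.0.0.1", "::1", "fe80::1%lo0", "255.255.255.255"}

def hosts_overrides(hosts_text):
    """Return (ip, name) pairs that pin a name to a non-default address."""
    found = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] not in DEFAULT_ADDRS:
            found.extend((fields[0], name) for name in fields[1:])
    return found

class RedirectFinder(HTMLParser):
    """Collect markup that can send a browser away from a local page."""
    def __init__(self):
        super().__init__()
        self.findings, self._in_script = [], False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.append(("meta-refresh", a.get("content", "")))
        elif tag in ("script", "iframe", "frame") and a.get("src"):
            self.findings.append((tag + "-src", a["src"]))
        elif tag == "base" and a.get("href"):
            self.findings.append(("base-href", a["href"]))
        self._in_script = self._in_script or tag == "script"

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Inline script that assigns or calls into window.location.
        if self._in_script and re.search(r"location\s*(\.href|\.replace|=)", data):
            self.findings.append(("script-location", data.strip()))

def html_redirects(html_text):
    finder = RedirectFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings

# Constructed sample inputs (192.0.2.10 and example.invalid are placeholders).
SAMPLE_HOSTS = "127.0.0.1 localhost\n192.0.2.10 fink.sf.net  # constructed\n"
SAMPLE_HTML = ('<head><meta http-equiv="Refresh" content="0; url=http://example.invalid/">'
               '</head><body><a href="http://fink.sf.net/">Fink</a></body>')
```

An ordinary `<a href>` link is deliberately not reported, since the user has to click it; only markup that acts without a click is listed.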
