Dear Eric Paynter, Yes, it's possible and I always recommend to deny execution in user's profile and home directory. But HTML file doesn't need execute permission to open. Of cause, in this case then trojan gets executed it's harder to infect system, but it's still possible to steal some information.
--Friday, July 9, 2004, 8:26:23 PM, you wrote to [EMAIL PROTECTED]: EP> On Fri, July 9, 2004 7:43 am, [EMAIL PROTECTED] said: >> There are lots of little .tmp files generated and accessible >> remotely to be had, Adobe *.pdf's and a vast array of Microsoft >> Office 2003 crud to name just two. Many others which have been >> identified and discussed in the past as well. EP> I think: EP> mount /dev/xxxx /tmp -o noexec EP> would reduce the risk significantly. Can you do something equivalent in EP> Windows? EP> -Eric EP> -- EP> arctic bears - affordable custom email and name services EP> http://www.arcticbears.com EP> _______________________________________________ EP> Full-Disclosure - We believe in it. EP> Charter: http://lists.netsys.com/full-disclosure-charter.html -- ~/ZARAZA ��������� ���� � ���, ������ �� ����. (���) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
