This discussion somehow reminds me of an application I've been thinking
about that would be useful under both Windoze and Linux: a Rubber-room VM.

In fact you can do this with VMware today, but it is too slow.  Imagine
having VMware set up with a stock Win98 "virtual disk" complete with all
the Windows/Office crap needed for viewing everything. VMware is also
set up to NOT allow networking, access any devices, or otherwise get
out of its "rubber room".

So then when an attachment is to be viewed, the stock virtual disk is
copied, VMware started up, the document passed safely in, and the viewer
started on it. If it is a virus that hosed the "virtual disk", big deal,
the virtual disk is deleted at the end in all cases anyway.

Yes, this is too slow. But imagine hardware performance being
10-50X higher and the software has not bloated up yet to cancel it ;-)

But I don't claim it is a solution to the problem at hand: which is, Dumb Users.
The above is more a solution for "smart users" who know they need to
protect themselves with a, er, rubber-room!

I feel this would be useful to have under Linux even without the
VM-emulating-Windoze aspect. Let's face it, once all the security holes in
servers (named, imapd, ftpd, ...) are plugged, the script kiddies will
be throwing bad data at our browsers and viewers.

YAM2C (yet another my two cents).

Karl



On Thu, 4 May 2000, Derek Martin <[EMAIL PROTECTED]> wrote:
> On Thu, 4 May 2000, Jerry Eckert wrote:
> 
> > I believe scripts embedded in the message text (as opposed to an attachment)
> > should ALWAYS require explicit confirmation before being allowed to perform
> > any operation which has effects on any part of the system other than the
> > display.  There should not be any user option to disable this confirmation.
> 
> As an administrator, I'm inclined to agree.  As a USER, if there were a
> program attached to my mail that I wanted to run, if I have to perform
> extra mouse clicks to say Yes, I really do want to run that, I'd be very
> irritated.  So I guess I'd have to disagree.


**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
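
The copy, run, discard cycle described in the message above, as an added example that is not part of the original post: it substitutes QEMU for VMware and a copy-on-write overlay for the full disk copy. The golden image, a guest that opens whatever appears on its second disk, and the `QEMU` / `QEMU_IMG` override variables are assumptions.

```shell
#!/bin/sh
# Added example: disposable "rubber room" viewer VM (QEMU stands in for VMware).
# Assumptions, not from the original post: a qcow2 golden image whose guest
# opens what it finds on its second disk; QEMU / QEMU_IMG may override binaries.
# Usage: . ./rubber_room.sh; view_in_rubber_room win98.qcow2 invoice.doc

view_in_rubber_room() {
    golden=$1 doc=$2
    [ -r "$golden" ] && [ -f "$doc" ] || {
        echo "usage: view_in_rubber_room golden.qcow2 document" >&2; return 2; }

    # The overlay records its backing file by name, so make the path absolute.
    golden=$(cd "$(dirname "$golden")" && pwd)/$(basename "$golden")

    work=$(mktemp -d) || return 1
    # Discard the scratch disk on interruption too, not only on normal return.
    trap 'rm -rf "$work"; trap - INT TERM HUP; exit 130' INT TERM HUP

    # The guest gets a copy of the document, never the original or its directory.
    mkdir "$work/in" && cp -- "$doc" "$work/in/" || { rm -rf "$work"; return 1; }

    # Copy-on-write overlay: guest writes land here, the golden image is only read.
    "${QEMU_IMG:-qemu-img}" create -q -f qcow2 -b "$golden" -F qcow2 \
        "$work/disk.qcow2" || { rm -rf "$work"; return 1; }

    rc=0
    # -nic none: no network interface; serial and parallel ports are removed too.
    # The second drive is QEMU's virtual FAT view of $work/in, attached read-only.
    "${QEMU:-qemu-system-x86_64}" \
        -m 256 -nic none -serial none -parallel none \
        -drive "file=$work/disk.qcow2,format=qcow2" \
        -drive "file=fat:$work/in,format=raw,readonly=on" || rc=$?

    trap - INT TERM HUP
    rm -rf "$work"    # deleted at the end in all cases, infected or not
    return "$rc"
}
```

The function returns the emulator's exit status, so a wrapper in a mail client can tell a crashed viewer from a clean shutdown; either way the overlay is gone and the next attachment starts from the untouched golden image.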