Just discovered this whilst browsing:
http://www.lwn.net/daily/swf-bug.php3
Anyone heard anything of it before? Particularly dodgy part is in "IMPACT OF RISK
section - "Good" arbitrary code..."
I was also thinking about the MS-DOS thread that was on here or dirgames-l some time
ago. I recently had a serious Windows failure and during trying to fix it -
reinstalled the original registry file (system.1st) as per WinHelp instructions. This
was done with about 3 lines of DOS code.
I know that SW restricts access to external files but exe's don't. Is it not then
possible that, based on the DOS command launches discussed on the list, someone could
easily create an exe from Director that calls MS-DOS boxes (minimized or whatever so
the user wouldn't even know) and wreaks havoc? I appreciate that reinstalling the
registry probably can't be done from within an MS-box within Windows but I'm sure
there is plenty of other nasty stuff.
I have no interest in creating anything like that to send out (damn hackers and virus
spreaders have shagged up my PC too many times) - but I might try it on one of my old
boxes at home.
Any thoughts anyone?
Leon
[To remove yourself from this list, or to change to digest mode, go to
http://www.penworks.com/LUJ/lingo-l.cgi To post messages to the list,
email [EMAIL PROTECTED] (Problems, email [EMAIL PROTECTED])
Lingo-L is for learning and helping with programming Lingo. Thanks!]
