On Thu, 2003-02-06 at 11:07, Tzafrir Cohen wrote:
> Is your pine updated? (A reminder: a rather trivial hole in pine <=4.44
> was only exposed when pine 4.50 was about to be released, and it turned
> out that the problem was fixed there. The author of pine knew of this
> problem much earlier. It is only by pure luck that some black-hats didn't)

There was at least one Pine worm.

> The more I look at evolution and kmail, the more they look like outlook's
> interface with this exact design flaw.

Evolution as shipped does not include any bindings for executables
beyond "save this". Similarly the default bindings for postscript are
-DSAFER.

> Are there any such macros that are executed on document open?

You can set that up with emacs, with postscript and a lot of other
content forms. Most content nowadays is active in some form or other.
Stopping users from making mistakes about how they handle files is hard
and the mathematics says that you can't win.

> > Even if you did get a Linux virus, the damage it would do is limited to
> > the account of the user that received it. Others would be unaffected.
>
> This is true, and very important.
>
> But keep in mind that it only takes a user to spread a worm.

The shift to application level worms and viruses using things like email
is directly due to improved OS security. Unfortunately viruses now target
the most easily deceived and privileged part of the OS - the user. Fixing
users is a research project.

The longer term risk is more likely to be network based. Imagine if the
slammer worm also did chernobyl style bios erasure... That kind of attack
is a when not an if.

Alan
