On Mon, 26 Apr 1999, Steve Patt wrote:
> Ken speculated:
>
> >Sounds vaguely like it could have been a security feature, but I'm
> >certainly willing to consider it a bug. It sounds like beam receive is
> >doing the equivalent of a Memory Delete on the application before filing
> >the new database.
>
> Why would this be a security feature? There shouldn't be any difference
> between installing a new version by HotSync'ing (which doesn't delete
> data) or installing a new version by beaming (which evidently does). I
> think this is just an oversight (i.e., if not a "bug" then at least a
> poor job of defining the product) in the Exchange Manager (or whatever
> component it actually is that accepts beamed apps).
My logic is that someone could, in theory, beam you something you didn't
want. If you mistakenly accepted a "trojan" app that replaces (or shadows)
one of the standard apps, all of that app's companion databases will be
deleted so that it can not grab your data. As I said, this sounds
_vaguely_ like it could have been intended as a security feature. Not a
very good one, IMO. There's all sorts of other things you could do (like
sending an app that when run mucks about with other apps) that this really
wouldn't accomplish anything useful.
> Although I must say there probably IS a difference, since after a HotSync
> your app is called with a "was HotSync'ed" launch code, whereas after
> beaming I don't think the app is called in the same way. Or is it?
I suspect not, otherwise people would have used it for security/copy
protection purposes.
--
Kenneth Albanowski ([EMAIL PROTECTED], CIS: 70705,126)
