On Fri, Jun 10, 2011 at 10:09 AM, Alan Bourke <[email protected]> wrote:
>
> They're not, but PDF is a big vector for malware authors.
> --
Yeah, you would have thought we learned our lesson with AutoOpen
macros in Word documents running arbitrary code when the document is
opened, but it seems there's a pattern of repeating this in every
application that opens "documents" - PDF readers, HTML Help, etc.
Flash and HTML browsers are built with the understanding that there
will be executable code running within them, and that code needs to be
shielded ("sandboxed") from running amok doing arbitrary things to the
operating system. Now, those obviously don't work 100%, but it leads
to questions:
Q: What is the definition of a "document" vs. an "executable file" and
how would you exercise precautions against "opening" the former vs.
"running" the latter?
--
Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
