On May 3, 2012, at 9:51 AM, David Winsemius wrote: > > On May 3, 2012, at 8:34 AM, Simon Urbanek wrote: > >> >> On May 2, 2012, at 11:24 PM, David Winsemius wrote: >> >>> >>> On May 2, 2012, at 6:11 PM, Demitri Muna wrote: >>> >>>> Hi, >>>> >>>> On May 2, 2012, at 5:57 PM, David Winsemius wrote: >>>> >>>>> I agree that this should not crash R although your didn't really describe >>>>> what that means. >>>> >>>> It's the big "report this to Apple" crash. The whole app goes down. >>>> >>>>> I did notice that an exclamation point was in there near the end, because >>>>> my editor break long lines at "!" and that is not a valid numeric content >>>>> as far as I know. >>>> >>>> These seem to have been introduced by the mailer - they don't exist in the >>>> original data. I wasn't sure if I could send an attachment, but I'll try >>>> that now. >>> >>> I'm the only one who got that zipped file and I'm not planning on opening a >>> potentially executable file on this machine. >> >> I think you are misunderstanding what is a zip file ... > > So I'm now wondering if there are two components to my misunderstanding: > > 1) My experience with Windows is that zip files are sometimes delivery > vehicles for executable files and htat the OS can be configure to > auto-execute such files on decompression without further intervention. I > worried that MacOS might have the same potential. >
On Windows, yes, executables can be masqueraded as zip files with interesting consequences if the tools on the machine are broken enough (I wonder if this is really a relic from old times), but not on the Mac - zip files are as good as tar.gz or any other archive format. Also any half-way aware user (which may be the minority of Windows users, but hopefully not among R users) will unpack zip files directly, not by running them. Note that R uses zip files for packages, so it can't be evil :). > 2) Am I also then misunderstanding what sorts of files the mailserver accepts > and passes on to the list subscribers? > I'm not sure about the misunderstanding there - typically reasonable mail servers will scan content for viruses but otherwise pass any content through. Less reasonable mail servers may do pattern matching on file names and block some patterns (the net effect being frustrated users that can't get work done with no real security gain). Cheers, Simon _______________________________________________ R-SIG-Mac mailing list [email protected] https://stat.ethz.ch/mailman/listinfo/r-sig-mac
