Hi Anton, I just ran REBOL/View from my REBOL home directory to test the default install behavior. I was able to rename rebol.exe to another file name (blah.bak) and then write out a random file downloaded from a remote web site to a file named rebol.exe . You don't have to delete the file for this exploit to work. This is a major security hole. And yes, I was on Windows XP.
Keep in mind that I was running in the console though. Scripts started from the REBOL desktop are sandboxed in their folders under public, so it's not as bad as it could be. View scripts started from the desktop actually need Pro or Command features to do more than fill your hard drive; with Library support or call enabled all bets are off though. Brian Hawley At 12:18 AM 5/10/04 +1000, you wrote: >I just tried opening a copy of my rebol.exe, >named rebolblah.exe and within the rebol console >to delete %rebolblah.exe. >This produces a write access error. >As far as I know you can't modify a running executable. >That's on WindowsXP. > >I can't remember if Win9x allows that. Anyone ? > >Anton. > > > The important thing to remember here is REBOL's sandbox security. > > We need to prevent ordinary users from having write access to the > > installed REBOL executable without prompting and the easiest way > > to do that is to put it in a different directory than their data. > > This will prevent downloaded scripts from replacing the executable > > with something nasty. > > > Brian Hawley -- To unsubscribe from this list, just send an email to [EMAIL PROTECTED] with unsubscribe as the subject.
