[svlug] eWeek article on MS Outlook

Deirdre Saoirse deirdre at deirdre.net
Tue May 16 12:31:26 PDT 2000


On Tue, 16 May 2000 kmself at ix.netcom.com wrote:

> The issue of executable content/execute bit is irrelevant when a file
> can be sourced by an interpreter.  Examples include sourcing files
> from the shell running a file against an interpreter, interpreters
> which take files as arguments, and files which are executed or
> interpreted by mediating software.  Examples, you ask?

That's fine, except it has squat to do with desktop vs. command-line, as
JC is asserting. My counterexample is the MacOS paradigm, where scripting
was never a major part of the paradigm. Opening a file is opening, not
executing.

Under Windows, since DOS had an underlying tradition of scripting, the
reverse is true: many "programs" weren't really programs.

> I concur with Rick that the idea of "opening" a file having execute
> ramifications is troubling, particularly when file formats are such that
> simple viewers aren't capable of determining potential for abuse, and
> more powerful binary viewers aren't generally available.  However,
> there's no reason an interpreter couldn't be written for Linux along
> the lines of MS Word or Excel, which could open, read, and execute
> content marked non-executable.  It is the interpreter which is running,
> the script file need not be executable.

True, even in, as examples, various existing interpreters including
shells.

> While the Mac may not have had the same tradition of scripting, my
> understanding is that modern tools, including Unix shells, Perl, and
> Python, might soon be available for the platform.  This spanks of an
> argument closely paralleling "security by obscurity" with similarly
> dangerous" implications.

Perl and Python are already available for MacOS and have been available
for years. I don't see that the security is ANY different for anything
that can be, as you make the point, sourced into an interpreter.

> Linux and Unix have tended to be free of the types of viruses and
> worms which plague Microsoft platforms.  While user, file, and process
> security models under Linux provide some protection from the more
> grossly damaging effects of typical MS Windows viruses, a world in
> which content is treated as trusted and can be easily or automatically
> executed is one in which viruses and worms can be spread.  There is no
> magic shield preventing the same brain-dead application architectures
> which have come into being in the Windows world from emerging on the
> Linux landscape.

>From what I see, the potential is there all along with one exception:
there's limited damage one can do in a multi-user system when not running
as root.

There is NO way to reliably determine what is or is not a virus. None.
And, for this sort of thing, there is no way to effectively prevent it,
even on Linux. Worms are easily written and can be spread easily in
interpreted languages.

-- 
_Deirdre   *   http://www.sfknit.org   *   http://www.deirdre.net
"Linux means never having to delete your love mail." -- Don Marti






More information about the svlug mailing list