[svlug] eWeek article on MS Outlook
deirdre at deirdre.net
Tue May 16 12:31:26 PDT 2000
On Tue, 16 May 2000 kmself at ix.netcom.com wrote:
> The issue of executable content/execute bit is irrelevant when a file
> can be sourced by an interpreter. Examples include sourcing files
> from the shell running a file against an interpreter, interpreters
> which take files as arguments, and files which are executed or
> interpreted by mediating software. Examples, you ask?
That's fine, except it has squat to do with desktop vs. command-line, as
JC is asserting. My counterexample is the MacOS paradigm, where scripting
was never a major part of the paradigm. Opening a file is opening, not
Under Windows, since DOS had an underlying tradition of scripting, the
reverse is true: many "programs" weren't really programs.
> I concur with Rick that the idea of "opening" a file having execute
> ramifications is troubling, particularly when file formats are such that
> simple viewers aren't capable of determining potential for abuse, and
> more powerful binary viewers aren't generally available. However,
> there's no reason an interpreter couldn't be written for Linux along
> the lines of MS Word or Excel, which could open, read, and execute
> content marked non-executable. It is the interpreter which is running,
> the script file need not be executable.
True, even in, as examples, various existing interpreters including
> While the Mac may not have had the same tradition of scripting, my
> understanding is that modern tools, including Unix shells, Perl, and
> Python, might soon be available for the platform. This spanks of an
> argument closely paralleling "security by obscurity" with similarly
> dangerous" implications.
Perl and Python are already available for MacOS and have been available
for years. I don't see that the security is ANY different for anything
that can be, as you make the point, sourced into an interpreter.
> Linux and Unix have tended to be free of the types of viruses and
> worms which plague Microsoft platforms. While user, file, and process
> security models under Linux provide some protection from the more
> grossly damaging effects of typical MS Windows viruses, a world in
> which content is treated as trusted and can be easily or automatically
> executed is one in which viruses and worms can be spread. There is no
> magic shield preventing the same brain-dead application architectures
> which have come into being in the Windows world from emerging on the
> Linux landscape.
>From what I see, the potential is there all along with one exception:
there's limited damage one can do in a multi-user system when not running
There is NO way to reliably determine what is or is not a virus. None.
And, for this sort of thing, there is no way to effectively prevent it,
even on Linux. Worms are easily written and can be spread easily in
_Deirdre * http://www.sfknit.org * http://www.deirdre.net
"Linux means never having to delete your love mail." -- Don Marti
More information about the svlug