Bugtraq mailing list archives
Re: MIME question...
From: doug () Eng Auburn EDU (Doug Hughes)
Date: Fri, 17 Mar 1995 14:34:57 -0600 (CST)
On Fri, 17 Mar 1995, robert owen thomas wrote:
has anyone on this list heard of an "auto-execute MIME extension"? is this an issue? the question arose when i doubted the likelihood of a "virus" being launched via reading an e-mail message. your thoughts? -- o robert owen thomas: Unix consultant. MAILER-DAEMON. user scratching post. o o e-mail: rthomas () pamd cig mot com --or-- robt () cymru com o o vox: 708.632.5768 fax: 708.632.5694 o o -- System Administrator's Dictionary -- o o user (you'zer) n. 1 A waste of system resources; an unwanted load o o on the processor(s) of a Unix system. 2 Someone who uses Caps Lock. o
Sure, you should be careful with MIME. It's very powerful, but with this power comes vulnerability.. Particularly: Postscript - don't have a postscript auto-launcher unless it goes directly to a printer Tcl - safetcl is purported to be okay for MIME. Perl - such a powerful language, wouldn't want it as part of MIME auto-reader though. in general anything that launches a viewer that is part of a programming or scripting environment can be extremely dangerous because of file operations. ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug () eng auburn edu "Real programmers use cat > file.as"
Current thread:
- MIME question... robert owen thomas (Mar 17)
- Re: MIME question... Doug Hughes (Mar 17)
- <Possible follow-ups>
- Re: MIME question... Pete Hartman (Mar 27)
- Re: MIME question... r.evans () ic ac uk (Mar 28)
- Re: MIME question... mueller_scott (Mar 28)
- Re: MIME question... Jonathon Tidswell (Mar 28)
- Re: MIME question... Christian Wettergren (Mar 29)
- Request to Join Mailing List BRUCE.SHELDON () STATE MN US (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
- Network Monitoring and Control (announcement) Mike Neuman (Mar 29)
(Thread continues...)