Full Disclosure mailing list archives
Re: Trojan Horse for Mac OS X
From: Joshua Levitsky <jlevitsk () joshie com>
Date: Fri, 9 Apr 2004 19:44:18 -0400
On Apr 9, 2004, at 7:33 PM, Larry Seltzer wrote:
Actually this is not correct. By default they will deny you the ability to save oropen the attachments, but they do not strip anything.Same difference, and in any event Outlook/OE sounds nothing like Mail.app, but very muchlike what the person you corrected said.
Not the same. If you see the file there (which you do when the security option is on) then you absolutely know what you are missing, and that can lead to someone going to the options and turning the feature off. Perhaps if the option wasn't in the GUI, but instead was a registry hack then I would agree with you, but it's in the GUI to disable it and you do see the file attachments exist when the option is on so it's not really such a good feature.
Personally on my own mail servers I simply block all attachments that could be executable as well as those same files in zip archives because email is not the proper means of transmission for such files.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Trojan Horse for Mac OS X, (continued)
- Re: Trojan Horse for Mac OS X Joshua Levitsky (Apr 09)
- Re: Trojan Horse for Mac OS X Thomas Vincent (Apr 09)
- RE: Trojan Horse for Mac OS X Bojan Zdrnja (Apr 10)
- RE: Trojan Horse for Mac OS X Larry Seltzer (Apr 09)
- Re: Trojan Horse for Mac OS X Mary Landesman (Apr 09)
- RE: Trojan Horse for Mac OS X Larry Seltzer (Apr 09)
- Re: Trojan Horse for Mac OS X Thomas Vincent (Apr 10)
- Re: Trojan Horse for Mac OS X Joshua Levitsky (Apr 09)
- RE: Trojan Horse for Mac OS X Larry Seltzer (Apr 09)