[no subject]

[Dave Temkin <dave () ordinaryworld com>]

On Wednesday 28 January 2004 08:37, Dave Temkin  wrote:
> > So?  Had the virii been an application compiled for RedHat and
> > everyone ran RedHat instead of Windows and they downloaded it using
> > Evolution and double clicked on it, it would suddenly be RH's fault
> > instead of MIcrosoft's?

> If RedHat, by default had you running as root rather than an unprivledged
> user, it sure would be.
>
> Most Windows boxes are running with administrative privledges.  That
> makes
> Windows a willing accomplice.  The issue isn't that people click on
> attachments, but that there are no built in safeguards from what happens
> next.
>
> --
> Robin Lynn Frank | Director of Operations | Paradigm-Omega, LLC Cry
> havoc,
> and let slip the dogs of war! Email acceptance policy:
> http://paradigm-omega.com/email_policy.php


You're the second person to say that and it's still wrong.  The virii,
once resident, opens a connection to port 25 on an open SMTP server,
whether it be the user's ISP relay or local server.  Sure, it can't
install itself into /etc/init.d, but it sure can launch itself bg instead
of fg and be running until the user either kills it or reboots the box.

Also, for reference to other people - the preview pane does *not* allow
the execution of attachments unless they're double-clicked on and
acknowledged.  Again - we're not talking about another OS or Outlook
exploit, only a stupid user exploit.


-- 
David Temkin