Secure Coding mailing list archives
RE: Re: Hypothetical design question
From: "Carl G. Alphonce" <alphonce () cse Buffalo EDU>
Date: Fri, 30 Jan 2004 14:30:42 +0000
on Friday January 30, 2004, Nick Lothian wrote:
the user community has grown very fond of some of the very features that viruses and worms thrive on (e.g., file attachments that can be executed with a single/double click of a mouse)I don't think this is quite true. I think most users want to __view__ attachments, either pictures or text. They expect the viewer to be Word, Powerpoint Paint, etc. They don't expect, when they click on an attachment, to __execute__ it.I feel the distinction between "view" and "execute" is no longer as clear as we would like it to be. I don't think I can necessarily distinguish between them anymore - I certainly can't explain the distinction. If you open a Word document, are you executing it? How about an Excel spreadsheet that contains calculations? Try explaining to a home user the difference between macros and calculations in a spreadsheet.
You certainly both view and execute a postscript document. I think the relevant distinction concerns what operations can be performed as a result of viewing. If the viewer permits only a limited set of "safe" operations to be performed, viewing a document (interpreting its instructions) is presumably safe. If the viewer does something silly, such as granting unrestricted access to the underlying OS, viewing a document is risky business. I think it's obvious that you don't want the OS to be your viewer :-) ------------------------------------------------------------------------ () ascii ribbon campaign - against html e-mail /\ ------------------------------------------------------------------------ Carl Alphonce [EMAIL PROTECTED] Dept of Computer Science and Engineering (716) 645-3180 x115 (tel) University at Buffalo (716) 645-3464 (fax) Buffalo, NY 14260-2000 www.cse.buffalo.edu/~alphonce
Current thread:
- Re: Re: Hypothetical design question, (continued)
- Re: Re: Hypothetical design question der Mouse (Jan 31)
- RE: Re: Hypothetical design question Michael S Hines (Jan 30)
- RE: Re: Hypothetical design question Ben Corneau (Jan 31)
- RE: Re: Hypothetical design question Alun Jones (Feb 01)
- RE: Hypothetical design question Nick Lothian (Jan 29)
- Re: Hypothetical design question der Mouse (Jan 30)
- Re: Hypothetical design question Glenn and Mary Everhart (Jan 30)
- Re: Hypothetical design question Fernando Schapachnik (Jan 30)
- RE: Re: Hypothetical design question Nick Lothian (Jan 29)
- Re: Hypothetical design question Greenarrow 1 (Jan 30)
- RE: Re: Hypothetical design question Carl G. Alphonce (Jan 30)
- RE: Hypothetical design question Jeremy Epstein (Jan 30)
- Re: Hypothetical design question der Mouse (Jan 31)
- RE: Hypothetical design question Shea, Brian A (Jan 31)
- RE: Hypothetical design question ljknews (Feb 01)
- RE: Hypothetical design question Alun Jones (Feb 02)
- RE: Hypothetical design question ljknews (Feb 03)
- Re: Hypothetical design question Crispin Cowan (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- RE: Hypothetical design question dtalk-ml (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- RE: Hypothetical design question ljknews (Feb 01)