home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.os.os2.apps:5920 comp.security.misc:1172
- Newsgroups: comp.os.os2.apps,comp.security.misc
- Path: sparky!uunet!gatech!bloom-beacon!bloom-picayune.mit.edu!athena.mit.edu!pshuang
- From: pshuang@athena.mit.edu (Ping-Shun Huang)
- Subject: Re: Self-Extracting Binaries dangerous? (Was: REXXShip: Self-Extracting UUEncode!)
- In-Reply-To: sip1@ellis.uchicago.edu's message of 6 Sep 92 17:56:45 GMT
- Message-ID: <PSHUANG.92Sep6171439@m4-035-13.mit.edu>
- Sender: news@athena.mit.edu (News system)
- Nntp-Posting-Host: m4-035-13.mit.edu
- Organization: Massachusetts Institute of Technology
- References: <1992Sep6.025645.5101@midway.uchicago.edu> <18cf8rINNmpl@agate.berkeley.edu>
- <dank.715798089@blacks> <1992Sep6.175645.24543@midway.uchicago.edu>
- Date: Sun, 6 Sep 1992 21:14:47 GMT
- Lines: 21
-
- In article <1992Sep6.175645.24543@midway.uchicago.edu> sip1@ellis.uchicago.edu (Timothy F. Sipples) writes:
-
- > If someone hands you a file called FORMAT11.EXE it could be a self
- > extracting archive. Or could it do something more dangerous? You
- > just don't know. Unless you take the file and spend hours with a
- > code examiner of some sort, disassembling the code, you won't know
- > what it does until you run it. REXXShip is definitely not like this.
-
- > Arguably REXXShip format is safer than UUEncoded format since the
- > UUDecode utility itself could have been altered by a devious person.
- > REXXShip at least elminates one step.
-
- This reveals a strong argument for the equivalent to an "uudecode"
- utility to be shipped with the operating system -- that way, you don't
- need to worry any more about a spoofed uudecode utility than a spoofed
- REXX interpreter which might interpret a REXX script that *LOOKS*
- harmless in a harmful manner.
-
- --
- Ping Huang (INTERNET: pshuang@athena.mit.edu), probably speaking for himself
-
-
