home *** CD-ROM | disk | FTP | other *** search
/ NetNews Usenet Archive 1992 #20 / NN_1992_20.iso / spool / comp / os / os2 / apps / 5924 < prev    next >
Encoding:
Internet Message Format  |  1992-09-14  |  1.3 KB
  1. Xref: sparky comp.os.os2.apps:5924 comp.security.misc:1175
  2. Path: sparky!uunet!utcsri!dgp.toronto.edu!flaps
  3. Newsgroups: comp.os.os2.apps,comp.security.misc
  4. From: flaps@dgp.toronto.edu (Alan J Rosenthal)
  5. Subject: Re: Self-Extracting Binaries dangerous? (Was: REXXShip: Self-Extracting UUEncode!)
  6. Message-ID: <1992Sep6.202133.26032@jarvis.csri.toronto.edu>
  7. References: <1992Sep6.025645.5101@midway.uchicago.edu> <18cf8rINNmpl@agate.berkeley.edu> <dank.715798089@blacks>
  8. Date: 7 Sep 92 00:21:34 GMT
  9. Lines: 15
  10.  
  11. dank@blacks.jpl.nasa.gov (Daniel R. Kegel) writes:
  12. >Is it just me, or do other people shudder at the thought of
  13. >self-extracting binary archives?  They seem dangerous to me
  14. >because they involve running a raw program straight off the net
  15. >without any visibility as to what it's doing.
  16. >
  17. >It seems safer to give everybody a copy of, say, uudecode.  Perhaps
  18. >IBM could include it in their next release as a security enhancement
  19. >for those folks who would otherwise blindly run things off the net.
  20.  
  21. It depends.  What are you going to do with that thing after you uudecode it?
  22. If you're just going to run it right away, that's as big an opportunity as
  23. running it straight off the net.  But if you're not going to run it (e.g. it's
  24. a star trek parody), then you're right, it's foolish to run a self-extracting
  25. program.
  26.