Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Security ramifications of emailed pkgs - was: How it works' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Security ramifications of emailed pkgs - was: How it works
Authored by: Anonymous on Apr 04, '01 07:08:35PM
If it is a MacOS X bundle (i.e., a directory), that saves you from a simple e-mail virus that you merely have to receive (like those nasty VBScript Outlook ones): if you get it in email, it will be tarred and encoded - it is static data.

However, it does provide the possibility that opening an attachment can spawn a virus. This, however, is widely the situation on the net and has been for years - open arbitrary things, and you don't know what you'll get. To be responsible, the Mail client ought to somehow tag the attachment as "untrusted", but how you do that in a general way when the attachment is simply a tar file is something I'm unsure about. For example, you might tag the file somehow, but the user might still simply use the standard gnutar to unwrap it. I suppose if the user's doing that, then they're knowledgeable enough not to shoot their own foot, but ya never know.....

You could at least hack Mail to check for the filename of the attachment. If it is .app or .rtfd, warn the user about executable code (or does Mail do this already?). For that matter, if an attachment's type is tar, then do a tar -t on it and warn of any files inside it that look like they might have executable code.



[ Reply to This | # ]