Lists Home |
Date Index |
That solution basically amounts to creating a user hostile system where users can't run applications unless allowed to by the system administrator. As for the home user, I don't see how this ultra-cumbersome approach would even get off the ground let alone fly with the average IMing, music downloading teenager. Even if you did all that they'd just go through all the steps and launch the application.
How many people would have believed that requiring a user to download a zip file, unzip it's contents then launch the contained executable would be a virus vector that would actually work let alone be one of the fastest spreading of all time?
PITHY WORDS OF WISDOM
Blessed are the meek for they shall inherit the Earth, minus 40% inheritance tax.
From: Alaric B Snell [mailto:firstname.lastname@example.org]
Sent: Wed 2/4/2004 1:15 PM
To: Dare Obasanjo
Cc: Rich Salz; Bullard, Claude L (Len); email@example.com; firstname.lastname@example.org
Subject: Re: [xml-dev] Can A Web Site Be Reliably Defended Against DoS Att acks?
Dare Obasanjo wrote:
> Short of creating a mail client and server that prevented people from
> receiving mail attachments, how would you solve the problem exploited
> by this current virus on any one of the popular operating systems
> existing today?
On many UNIX systems, just mount /home as not allowing execution, so
people need root priveleges to install software, and non-installed
software can't be run.
UNIX systems don't really have this concept of an executable file
sitting there waiting to be clicked on, anyway - things generally need
to be in your path to get executed to begin with. If I got sent an
executable file as an attachment, I'd need to save it to my home
directory then open up a shell window and explicitly invoke it, with a
"./" prefix to override the path and execute a file from the current