On Tue, 18 Jan 2005, David Mandelberg wrote:

> Save to your GNOME/KDE desktop (like many newbies do) and double click  the 
> new
> icon. .desktop files (currently) don't need the x bit set to work, so no
> chmod'ing is necessary.

that'd be dumb of the user
 
> This one is pretty harmless (it just echo's rm -rf $HOME and pauses), but if 
> it
> had Terminal=false, had the OOo writer icon, a title of something.sxw and
> actually rm -rf'd $HOME, it would look like a broken OOo document while 
> cleaning
> some poor newbie's $HOME.

that be even dumber of the user ..

and it is a known problem from 15-20 years ago ..

        - don't click or execute commands you do nto know 
        what it will be doing

        - even simple things like ls, tar, cat can be renamed ( cracked )
        to something more painful

- it not a security issue ... and is unsolvable, not preventable
  if you click on things or execute commands manully

        - the super paranoid might be using encrypted fs with 
        md5 of their commands before executing "cat foo"

c ya
alvin



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to