Am 2008-03-02 16:32:26, schrieb David Fox: > On 3/2/08, Andrew Sackville-West <[EMAIL PROTECTED]> wrote: > > > The potential hole I see in mutt is not actually a hole in mutt but in > > various helpers used by mutt users. For example, many of us use w3m or > > links or some other text browser to dump html messages to plain text > > For that to work, various helper apps would have to be run as root or > with root privileges. Normally i would not suspect a pic or other > 'data' to try and be executable anyway.
Not realy, it is already enough, IF the "virus" can save something executable in your ${HOME} and install a cron/at job for example... Your system would be transformed into a Zombie sending out spams or use your ~/.public_html (if a webserver is installed) to serv pharmaceutical sites... This IS already enough to create damages... There is absolutly nothing which requires root previlegs. Thanks, Greetings and nice Day Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ ##################### Debian GNU/Linux Consultant ##################### Michelle Konzack Apt. 917 ICQ #328449886 +49/177/9351947 50, rue de Soultz MSN LinuxMichi +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature