valdis.kletni...@vt.edu wrote: >> ... The victim is attempting to view a plain text file. Surely >> that can be done safely? > > Only if your OS's security model understands the fact that executable > code and data belong in different security domains and thus different > rules should apply about what files to "trust" in each category.
Hmm... an OS that cannot "view" plain-text in a safe manner... Shame on those who would call that an OS. Yes, even the Windows security model understands those things. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/