Being the host for files that might be executable on a different platform puts some burden on me to not host "malicious" files. Just because a wind ows virus is not dangerous to my CMS virtual machine doesn't mean that it isn 't dangerous to my enterprise. If I can identify and eliminate dangerous fil es for any platform in my enterprise, I will, and of course take credit for keeping those windows systems more secure.
/Tom Kern On Wed, 26 Nov 2008 13:47:09 -0500, Michael Coffin <[EMAIL PROTECTED] om> wrote: >Let me play devil's advocate for just a minute. WHAT would actually >constitute a "virus" in a VM/CMS environment? > >We don't have the "backdoors" and "automatic program execution" stuff >that comes out of Redmond, so you don't have to worry about, for >example, XEDITing a file and it launching a program without your >approval that formats your 191 disk. I suppose someone could create a >PROFILE XEDIT that actually DOES format your 191 disk, but they cannot >"introduce it to you" without you taking very specific actions, i.e. >RECEIVE the file from the RDR. Is it reasonable to assume that, in >2009, CMS users know what EXEC, XEDIT, and MODULE files do? > >How would such a "virus" be detected? Is any program that executes the >FORMAT command (for example) going to be considered "dangerous"? That >would flag probably 50 or more legitimate execs that I use in production >to manage the system. > >I just don't see the term "virus" being applicable in a VM/CMS >environment. Perhaps "malicious executable" sent by a known entity, >received by the recipient and executed with their explicit knowledge >(EXEC/MODULE) or implicit knowledge (XEDIT macros). > >-Mike
