Linux-Advocacy Digest #459, Volume #26 Thu, 11 May 00 14:13:04 EDT
Contents:
Re: Here is the solution (Leslie Mikesell)
Re: Here is the solution (Leslie Mikesell)
XFree86 4.0 security! ("Cihl")
Re: Not so fast... (The Cat)
Re: Linux Setup ("Cihl")
Re: Not so fast... (The Ghost In The Machine)
Re: How to properly process e-mail (Sierra Tigris)
Re: win millenium ("Cihl")
Re: How to properly process e-mail (Bit Twister)
Re: How to properly process e-mail (Sierra Tigris)
Re: How to properly process e-mail (Sierra Tigris)
Re: Window managers ("Cihl")
Re: How to properly process e-mail (JEDIDIAH)
Re: Not so fast... ("Robert L.")
Re: win millenium ("Robert L.")
Re: How to properly process e-mail (Leslie Mikesell)
Re: Why only Microsoft should be allowed to create software (Joe Ragosta)
Re: Need to make UNIX autoresponder (QVAFF)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To:
comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy
Subject: Re: Here is the solution
Date: 11 May 2000 12:01:58 -0500
In article <8feh9a$k4r$[EMAIL PROTECTED]>,
Chad Myers <[EMAIL PROTECTED]> wrote:
>
>> Can you write a backup domain controller capable of syncing
>> contents with an NT domain controller? Or a replacement
>> primary controller that can sync to a Microsoft backup
>> controller?
>
>HP was able to with their AS9000 (IIRC that's it's name). It's a very good
>NT Server implementation on HPUX
Isn't that licensed Microsoft code under the covers? I do not want
to trust the information and functionality held by a domain
controller to a single-vendor product. I wouldn't even if that
vendor were not in a monopoly position and headed down a path
of making every useful new feature depend on this service that
only they control.
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To:
comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy
Subject: Re: Here is the solution
Date: 11 May 2000 12:09:11 -0500
In article <gIsS4.497$[EMAIL PROTECTED]>,
Erik Funkenbusch <[EMAIL PROTECTED]> wrote:
>> >All you conspiracy theorists are welcome to take this challenge.
>> >
>> >Just *one* API call is all I'm asking for here...
>>
>> Can you write a backup domain controller capable of syncing
>> contents with an NT domain controller? Or a replacement
>> primary controller that can sync to a Microsoft backup
>> controller?
>
>That's a protocol, not an API.
I have the feeling that you are going to reply that anything that
isn't documented isn't an API, but let's take the same issue
from the other direction where it clearly is an API. How do
I, on a client, exchange a password in the NT encrypted mode
using a protocol of my own and a server of my own, and then
make the client consider itself authenticated in the domain?
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: "Cihl" <[EMAIL PROTECTED]>
Subject: XFree86 4.0 security!
Date: Thu, 11 May 2000 17:22:28 GMT
> Unlike the windows install shield disaster, rpms can be checked.
>
> man rpm:
>
> rpm --checksig <package_file>+
>
> This checks the PGP signature built into a package to
> ensure the integrity and the origin of the package. PGP
> configuration information is read from /etc/rpmrc. See
> the section on PGP SIGNATURES for details.
>
Speaking of which:
I noticed that the new XFree86 4.0 uses separate modules for display and
mouse and such. Some (or maybe all) of these modules have to communicate
with the kernel one way or another.
I'm pretty sure there is a potential hacker exploit somewhere in this. Have
the Xfree-guys thought about signing those modules to prevent something like
that?
------------------------------
From: The Cat <[EMAIL PROTECTED]>
Subject: Re: Not so fast...
Date: Thu, 11 May 2000 17:25:10 GMT
I think you might want to check the spelling on that word :)
On 11 May 2000 14:51:39 GMT, [EMAIL PROTECTED] (abraxas) wrote:
>Jeff Szarka <[EMAIL PROTECTED]> wrote:
>
>> Odd.. I've had a number of people here tell me I fellatiate
>
>Dont listen to them. Theyre just bullies.
>
>
>
>
>-----yttrx
TheCat (Steve)
"Agent under Wine and powered by Mandrake 7.0"
------------------------------
From: "Cihl" <[EMAIL PROTECTED]>
Subject: Re: Linux Setup
Date: Thu, 11 May 2000 17:28:13 GMT
SuSE? Maybe you should try to boot with the -second- CD.
You should be able to add modules at the first installation menu to
recognize your particular CD-ROM. (after choosing keyboard, color and
language)
The installation on the second CD is not GUI-based, though. Maybe you have
to check the packages that are installed. They might not be the same as
those in the GUI-installation.
If you have the eval-cd, instead of the whole distro, you can make a
bootdisk with rawrite and the bootdisk-image on the CD.
John Tankersley <[EMAIL PROTECTED]> schreef in berichtnieuws
391a168a$0$[EMAIL PROTECTED]
> Hello,
> My name is John Tankersley. I am seeking some help from anyone that has
any
> advice or information. I am trying to install SuSE Linux 6.4 on a new
> machine. I booted the machine with the first cd installed. The machine
> started
> reading the cd. I checked the Language and Country to be installed. Next
> step, was to started loading base system. The unit does not recognize the
> cdrom player. I believe it is a Plextor unit. I went into the BIOS setup
> and checked for the boot sequence. I set it to boot A then C. saved it .
> Then retryed to installed base system. Unit still does not recognize
cdrom
> player.
> What should I be looking for. I was told that some of the older machines
> need a
> module installed to recognize the cdplayer. I am not sure if the bios is
> upgradable. Thanks for any help.
>
> John Tankersley
> [EMAIL PROTECTED]
>
>
------------------------------
From: [EMAIL PROTECTED] (The Ghost In The Machine)
Subject: Re: Not so fast...
Date: Thu, 11 May 2000 17:29:02 GMT
In comp.os.linux.advocacy, Jeff Szarka <[EMAIL PROTECTED]>
wrote on Thu, 11 May 2000 12:37:05 GMT
<[EMAIL PROTECTED]>:
>As one would expect, there are many people in this group who refuse to
>believe any sort of viruses or trojans could be created for Linux.
Debatable. I think most Linux users recognize that the Linux
system is highly resistant to virii, but not totally immune.
>While it is true that the current fad of .vbs based viruses only
>targets Windows there are a number of ways a viruses writer could
>target Linux.
>
>1) Infect source code, redistribute.
>This would be very easy to do and there would be little way for a user
>to detect a RPM file is infected with modified code.
Actually, in that case, you'd want to infect the binaries, too.
Not many people install from source code (although with RPM and
lots of disk space, RPM does make it convenient :-) ).
>If you could gain
>access to the FTP mirrors you could infect huge numbers of people.
>Just how many users read all the source code in a program? (If any)
If we have 100 independent users, each reading 1% of the source code,
63.4% (= 1 - (.99^100)) [*] of the source code would be read.
The more users, the more source code.
>There would be no way to detect a modified RPM package to my
>knowledge. Such a virus could install a back door, do mass mailings
>(by reading mail client configurations) or destroy data. The
>apache.org hacking showed not only can it be done but it can be done
>to the makers of apache, that I would venture to guess runs 99.9% of
>most Linux software projects web sites.
True, and whoever did it was apparently fairly clever.
This doesn't mean of course that Microsoft doesn't have back
doors.
>
>2) User stupidity
>"Hey Bob, run this .pl file, it'll fix a bug. Don't worry... it's a
>patch from Linus. See how fast open source is to fix bugs..."
Stupid users are ... stupid users.
How many people double-clicked on the love letter again? :-)
>
>"Hey Bob, here's an updated driver for your sound card. Don't worry...
>it's safe to run..."
>
>"Hey Bob, I got the new version of your favorite program. The mirror
>sites are packed, I'll send it to you."
>
>Etc. Maybe Bob will even get sent happy99.exe, Linux edition.
Linux virii do exist; see "bliss". (It's actually a slow,
benign growth as viruses go, and fairly stupid.) And of course
anyone with a little technical knowledge can play "hack the ELF",
and thereby infect executables -- woe betide any sysadmin who leaves
insufficiently protected executables around. (I haven't done
it myself, though, but all the tools are there in /usr/include.)
>
>3) Lack of Linux viruses scanners
>If outbreaks did occur they would be impossible to detect without
>customized programs. (Which could lead you right back to point #2 two)
True, although this by itself doesn't constitute a problem.
Why get a scanner if there's nothing to scan? :-)
>
>4) Distribution
>The more distributions the more people who have access to code that
>can be sent out to thousands of users. The larger name distributions
>most likely would be safe (although we've seen that's not entirely
>true already. See point #5) but smaller, most customized,
>distributions could easily introduce back doors. (Which could lead to
>outbreaks of new viruses)
This is true, and it is a risk.
>
>5) Distribution Bloat
>The sheer size of the code included with Linux opens the door for back
>doors and others problems to slip by. (Which has already happened)
And how many lines was Windows NT again? :-) Still, you're right;
the more code, the more chance something might slip past. But
this isn't specific to Linux.
>
>6) User zealotry
>A virus could spread simply because everyone running Linux thinks
>they're safe. I'm sure many don't give a second thought about the
>possibility of a virus outbreak. How many people blindly trust RPM's
>to be safe? Lots.
How many people blindly trust Outlook Express, VB Scripting Host,
or Microsoft Windows to be safe?
Double-edged sword, there.
>
>7) Pre-emptive strikes against security problems in open source
>software
>Why report the bug or fix it when you can exploit it first?
One advantage of O.S. is that, once reported, things tend to be
fixed rather quickly. Consider the teardrop scenario, for instance.
>
>8) Lack of software upgrades
>A mixed blessing but if something works its not always updated. Many
>security exploits are executed on systems running older software
>because they're known to be open to an attack.
Not specific to Linux or Unix.
>
>9) Developers bringing bugs with them.
>You can argue that UNIX developers are less prone to introducing bugs
>since traditionally UNIX has been a market for high reliability / high
>security applications but what happens if Windows developers jump on
>the Linux bandwagon? They'll bring their bugs with them. How many
>Win32 apps have we seen store their passwords in plain text in an .ini
>file? How many have buffer overflow exploits?
Are you attacking Linux, Windows, or bad programming practices? :-)
Of course, were one to state that Linux is only for those who
know what one is doing, then the Winvocates would probably
attack it as elitist (and rightly so). Of course, one would hope
that one eventually learns what one should be doing, in either case... :-)
>
>10) Possible influx of desktop users
>Aka, targets. Aka, people who run happy99.exe
>
>These faults are not unique to Linux but do prove the point that Linux
>(and every other OS ever made) is open to viruses. A recent CNN
>article said Linux is safe because it is open source and promotes
>competition. The above points, in some cases, take advantage of the
>open source code. History also disputes this claim. There have been
>glaring bugs in the past, which by this argument should have been
>impossible.
Yeppers. This makes Windows the safer system for the masses, and
everyone should rush right out and buy a copy of Windows 98SE
or Windows 2000 (or Windows Millenium/Me, when it's released this
summer), plus all pertinent software such as Office right away;
don't delay! Operators are standing by now to take your call.
Spot The Flaw.
>
>
>Something to think about before everyone climbs up into their ivory
>towers and pretends it can't happen here.
I'll agree with that sentiment. Just remember, Windows users are
down in the trenches, too.... :-)
[*] bc isn't too bright; one should scale=10 prior to computing
this expression, otherwise one gets 68%. One is reminded of
the "3.11 - 3.10 = 0.00" calculator bug, but one is also reminded that
tools aren't perfect and one should know how to use them. :-)
--
[EMAIL PROTECTED] -- insert random misquote here
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
From: Sierra Tigris <[EMAIL PROTECTED]>
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 17:30:26 GMT
JEDIDIAH posted May 11 re: Re: How to properly process e-mail
| A person should not "need" to be "smart" merely to "open" something.
| That rather defeats the point of an ease-of-use system.
This response is totally idiotic. Next
--
Da Katt
[This space for rent]
------------------------------
From: "Cihl" <[EMAIL PROTECTED]>
Subject: Re: win millenium
Date: Thu, 11 May 2000 17:31:41 GMT
I just noticed a preview of ME on ZDNet. Microsoft always seems to manage to
make it look better, but never to make it WORK better. I also noticed there
that Microsoft made some more innovations (sic) with internet connectivity.
Robert L. <[EMAIL PROTECTED]> schreef in berichtnieuws
WPyS4.38039$[EMAIL PROTECTED]
> "Martijn Bruns" <[EMAIL PROTECTED]> a écrit dans le message news:
> [EMAIL PROTECTED]
> > "Robert L." schreef:
> > >
> > > they have not corect the MBR bug, my lilo have been erase.
> > > BTW, i have 2 rescue disk, i was certain that the mbr gonna
> > > be erase, so i protect myself ( and Linux ).
> > >
> > > oh, i'm beta tester for Win millenium, and i have the french beta 3.
> > >
> > > after 6 years, they have not delete the MBR bug, what a great companie
> !!!!!
> > > Linux bug are delete in almost 1 day.
> > > So, which one is better?
> > >
> > > PS I have 2 computer, 1 with dual boot WinME/Linux RH5.2, and the
other
> with
> > > only Linux RH 5.2
> > > The second one have 8 Meg ram, so it's imposible to even run the
install
> > > program.
> >
> > What more can you tell us about it? It's good to know about the
> > competition :-)
> >
> > (What did you say?) The hardware requirements have gone up even
> > further?!
> > Are there a lot of bugs like in Win98SE, or have they improved
> > upon something else, besides the (unneeded) features?
>
> It now need 32 meg ram ( 16 for win98, 8 for win95 ). After one day, it
> crash twice. But it's a beta version, so we can't ask a perfect system (
> even stable version have bug )
> The improvement are the look, a lot of app. have been change to feel
better.
> 16-bit seem to be completely remove, autoexec.bat don't exist anymore. It
> seem to be an emulator than the real msdos.
>
> Overall, it seem to have some difference, but can't see them after one
day.
> I have to test it more.
>
> I'll make a website for it...
>
>
------------------------------
From: [EMAIL PROTECTED] (Bit Twister)
Subject: Re: How to properly process e-mail
Reply-To: This_news_group
Date: Thu, 11 May 2000 17:31:37 GMT
On Thu, 11 May 2000 02:49:59 GMT, CAguy <[EMAIL PROTECTED]> wrote:
>On Wed, 10 May 2000 22:30:52 +0200, Mig Mig <[EMAIL PROTECTED]> wrote:
>This is no more dangerous then going to a web page the does the
>same thing. I get those also..and it's annoying as hell.
>
Dangerous, you might want to look here
http://www.cert.org/advisories/CA-2000-02.html
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
From: Sierra Tigris <[EMAIL PROTECTED]>
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 17:31:45 GMT
Leslie Mikesell posted May 11 re: Re: How to properly process e-mail
|We aren't talking about smart people here. We are talking about
|people running Microsoft products - people who have to have a
|picture drawn for them...
Stupid classification of all MS product users aside, your comment
actually supports my point.
--
Da Katt
[This space for rent]
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
From: Sierra Tigris <[EMAIL PROTECTED]>
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 17:33:27 GMT
Leslie Mikesell posted May 11 re: Re: How to properly process e-mail
|> How about common intelligence? To _not_ open a file you have no
|>clue about until you get its contents verified, by someone you trust? HOw
|>about some personal responsability people?
|
|Why give people an email system that they can't use? The only way
|to verify an attachment would be to compare it to a copy you had
Are you truly that stupid? Who said not to use it? Go away.
--
Da Katt
[This space for rent]
------------------------------
From: "Cihl" <[EMAIL PROTECTED]>
Subject: Re: Window managers
Date: Thu, 11 May 2000 17:33:47 GMT
Matthias Warkus <[EMAIL PROTECTED]> schreef in berichtnieuws
[EMAIL PROTECTED]
> It was the Wed, 10 May 2000 14:05:34 GMT...
> ...and Alberto Trillo <[EMAIL PROTECTED]> wrote:
> > Hi everyone. I've been thinking about KDE and GNOME and at
> > how each other window manager is changing its code to make it
> > GNOME and KDE hints compatible, and I've decided that I do
> > not like that.
>
> [schnibble]
>
> Before we continue this thread, please tell me that you understand
> that KDE and GNOME are not window managers.
>
Not they're not. But they both -have- window managers.
------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: How to properly process e-mail
Date: Thu, 11 May 2000 17:38:47 GMT
On Thu, 11 May 2000 17:30:26 GMT, Sierra Tigris <[EMAIL PROTECTED]> wrote:
>JEDIDIAH posted May 11 re: Re: How to properly process e-mail
>
>| A person should not "need" to be "smart" merely to "open" something.
>| That rather defeats the point of an ease-of-use system.
>
> This response is totally idiotic. Next
No it isn't.
You MS Shills will make plenty of noise about computers needing to
be like toasters when it suits you.
Quite simply, the system needs to be designed to deal with the
stupid and the malicious. This is true in general and not just
limited to computing. In this case, some trivial steps could have
been taken in that regard but WEREN'T.
This is also a recurring problem that just keeps on getting worse
while the OS vendor in question just sits on it's fingers.
--
In what language does 'open' mean 'execute the evil contents of' |||
a document? --Les Mikesell / | \
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: "Robert L." <[EMAIL PROTECTED]>
Subject: Re: Not so fast...
Date: Thu, 11 May 2000 17:39:53 GMT
"Jeff Szarka" <[EMAIL PROTECTED]> a écrit dans le message news:
[EMAIL PROTECTED]
> As one would expect, there are many people in this group who refuse to
> believe any sort of viruses or trojans could be created for Linux.
> While it is true that the current fad of .vbs based viruses only
> targets Windows there are a number of ways a viruses writer could
> target Linux.
>
> 1) Infect source code, redistribute.
> This would be very easy to do and there would be little way for a user
> to detect a RPM file is infected with modified code. If you could gain
> access to the FTP mirrors you could infect huge numbers of people.
> Just how many users read all the source code in a program? (If any)
> There would be no way to detect a modified RPM package to my
> knowledge. Such a virus could install a back door, do mass mailings
> (by reading mail client configurations) or destroy data. The
> apache.org hacking showed not only can it be done but it can be done
> to the makers of apache, that I would venture to guess runs 99.9% of
> most Linux software projects web sites.
>
> 2) User stupidity
> "Hey Bob, run this .pl file, it'll fix a bug. Don't worry... it's a
> patch from Linus. See how fast open source is to fix bugs..."
>
> "Hey Bob, here's an updated driver for your sound card. Don't worry...
> it's safe to run..."
>
> "Hey Bob, I got the new version of your favorite program. The mirror
> sites are packed, I'll send it to you."
>
> Etc. Maybe Bob will even get sent happy99.exe, Linux edition.
>
> 3) Lack of Linux viruses scanners
> If outbreaks did occur they would be impossible to detect without
> customized programs. (Which could lead you right back to point #2 two)
>
> 4) Distribution
> The more distributions the more people who have access to code that
> can be sent out to thousands of users. The larger name distributions
> most likely would be safe (although we've seen that's not entirely
> true already. See point #5) but smaller, most customized,
> distributions could easily introduce back doors. (Which could lead to
> outbreaks of new viruses)
>
> 5) Distribution Bloat
> The sheer size of the code included with Linux opens the door for back
> doors and others problems to slip by. (Which has already happened)
>
> 6) User zealotry
> A virus could spread simply because everyone running Linux thinks
> they're safe. I'm sure many don't give a second thought about the
> possibility of a virus outbreak. How many people blindly trust RPM's
> to be safe? Lots.
>
> 7) Pre-emptive strikes against security problems in open source
> software
> Why report the bug or fix it when you can exploit it first?
>
> 8) Lack of software upgrades
> A mixed blessing but if something works its not always updated. Many
> security exploits are executed on systems running older software
> because they're known to be open to an attack.
>
> 9) Developers bringing bugs with them.
> You can argue that UNIX developers are less prone to introducing bugs
> since traditionally UNIX has been a market for high reliability / high
> security applications but what happens if Windows developers jump on
> the Linux bandwagon? They'll bring their bugs with them. How many
> Win32 apps have we seen store their passwords in plain text in an .ini
> file? How many have buffer overflow exploits?
>
> 10) Possible influx of desktop users
> Aka, targets. Aka, people who run happy99.exe
>
> These faults are not unique to Linux but do prove the point that Linux
> (and every other OS ever made) is open to viruses. A recent CNN
> article said Linux is safe because it is open source and promotes
> competition. The above points, in some cases, take advantage of the
> open source code. History also disputes this claim. There have been
> glaring bugs in the past, which by this argument should have been
> impossible.
>
>
> Something to think about before everyone climbs up into their ivory
> towers and pretends it can't happen here.
end user don't read code, you are probably right.
Administrator read them.
If the end user is the same one as the administrator, then now virus can go
on the system very easily. cause habitualy, those user come from windows
platform and don't know what programmation is.
I'm a newbies in C++ ( 1 years and half only on win platform) and i don't
think i'll see a virus. So, as everyone should do, i wait some week before
getting a new version. The place i trust more, is kernel.org, but i know i
should not.
It's the same for windows, i mean, if user download anything, they can get a
virus. I infected my system once, with tchernobyl, the worst is that i have
virus scan, and it didn't detect it. From this time, i remove virus scan,
but i download less program from unknown source.
In Linux, as long as you are as user and not as root, the virus are not very
destructive. In windows, any virus can attack anything. In other OS, i don't
know.
This is why we "don't believe in virus". If we do what we should do, there's
no big dangerous virus.
------------------------------
From: "Robert L." <[EMAIL PROTECTED]>
Subject: Re: win millenium
Date: Thu, 11 May 2000 17:39:54 GMT
"Alberto Trillo" <[EMAIL PROTECTED]> a écrit dans le message news:
WHyS4.1$[EMAIL PROTECTED]
> > after 6 years, they have not delete the MBR bug, what a great companie
> !!!!!
> > Linux bug are delete in almost 1 day.
> > So, which one is better?
>
> That can hardly be called a bug. Just do not remove MBR erasing,
because
> it
> does not interfere with any of its OS's, why should it care about
GNU/Linux
> ? :-)
> Solaris and SCO does not care to much about other OS's either.
>
> > PS I have 2 computer, 1 with dual boot WinME/Linux RH5.2, and the other
> with
> > only Linux RH 5.2
> > The second one have 8 Meg ram, so it's imposible to even run the install
> > program.
>
> Congratulations.
It don't have to change thing without asking me first. It haven't say " I'll
erase the MBR cause i want to"
bug " thing done but is not in his spec."
erasing the mbr is not in the spec. of the installer. If it was, i think it
should say "erasing mbr cause ......"
I have plan to install a slackware on the second, but i'm not enough good
now. I'll get more experience. Maybe in 3-4 month i'll be able to run it
corectly.
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: How to properly process e-mail
Date: 11 May 2000 12:33:24 -0500
In article <[EMAIL PROTECTED]>,
Seán Ó Donnchadha <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] (Rob S. Wolfram) wrote:
>
>>
>>Sorry, I disagree. Email attachments should *NOT* be executed by your
>>MUA, period. If you get executable content via e-mail you should take
>>the necessary steps to be able to execute it (i.e. save to disk and
>>spawn it from the shell).
>>
>
>What's the major conceptual difference between (a) double-clicking and
>issuing a confirmation and (b) saving to disk and launching from the
>shell? Is it only that the former is "too easy"? Is that really the
>reason behind all the vicious bashing?
The distinction is that 'viewing' the contents of the mail should
be easy and natural and not require any warnings. It should also
pose no danger to your system. I suppose you can see objectional
content in an image you receive but that's still quite a bit
different than executing arbitrary system commands.
Are there really people who don't understand the difference between
programs that take a file as data (image/sound/video/text, etc.)
and perform only known actions to process and display it and
those programs that can execute anything based on the contents
of the file? Does windows hide reality so well that this whole
concept is gone?
>>But the latter does demonstrate that it's not an OS problem, it's an
>>application problem.
>
>I think it's a philosophical issue. Should mailers provide an easy way
>to launch attachments, or shouldn't they?
They should make it easy to launch the type of program that does
not give control to the attachment. This covers all of the typical
'multi-media' email content. Most people really don't need an
'easy way' to let an outsider erase their files and there is no
reason to consider this in any way related to the ability to view
a photo. This still leaves a large grey area for the also common
case of office documents that can contain embedded macros. Starting
a macro-enabled wordprocessor or spreadsheet is just as dangereous
as a shell or program interpreter.
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: Joe Ragosta <[EMAIL PROTECTED]>
Crossposted-To:
comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy
Subject: Re: Why only Microsoft should be allowed to create software
Date: Thu, 11 May 2000 17:46:02 GMT
In article <[EMAIL PROTECTED]>, Chris Wenham
<[EMAIL PROTECTED]> wrote:
> josco <[EMAIL PROTECTED]> writes:
>
> > The defendent is part of the process of a conviction. Defendant
> > behavior
> > during the act of conviction, a trial and sentencing, has a great
> > impact -
> > for example doctored videos, memory lapses, denying e-mails.....
>
> Yes, it does have influence. Can we be clear that the act of
> conviction is still not a behavior of the defendant, but a behavior
> of the court?
>
Sure.
But the act of breaking the law is a behavior of the defendant.
--
Regards,
Joe Ragosta
Get $10 free:
https://secure.paypal.com/auction/pal=jragosta%40earthlink.net
Or get paid to browse the web (Mac or PC):
http://www.alladvantage.com/home.asp?refid=KJS595
------------------------------
From: QVAFF <[EMAIL PROTECTED]>
Crossposted-To: tw.bbs.comp.unix,alt.2600,comp.mail.sendmail
Subject: Re: Need to make UNIX autoresponder
Date: 11 May 2000 13:46:24 -0400
Craig Kelley <[EMAIL PROTECTED]> writes:
> [EMAIL PROTECTED] writes:
> > I would like to make an autoresponder in Perl on a UNIX server. Any
> > ideas tips about doing that? I look forward to hearing from you.
>
> Check out procmail.
Alternatively, sendmail lets you put a file called
'.forward' in your home directory. In that file,
you can put the following:
|/path/to/foo
'foo' would be your autoresponder, and will
receive your email messages as STDIN.
In either case, procmail or sendmail,
your Perl program can use Mail::Sendmail
or whatever mail module to easily send mail.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
