2009/11/12 Jonas Sicking <jo...@sicking.cc> > 2009/11/12 Ian Fette (イアンフェッティ) <ife...@google.com>: > > This is really getting into fantasy-land... Writing a file and hoping > that > > the user actually opens up explorer/finder/whatever and browses to some > > folder deep within the profile directory, and then double clicks > something? > > Telling a user "click here and run blah to get a pony" is so much easier. > > So first off that only addresses one of the two attacks I listed. > > Fair
> But even that case I don't think is that fantasy-y. The whole point of > writing actual files is so that users can interact with the files, > right? In doing so they'll be just a double-click away from running > arbitrary malicious code. No warning dialogs or anything. Instead the > Why do you assume this? On Windows, we can write the MotW identifier, which would lead to windows showing a warning. On linux, we could refuse to chmod +x. > attacker has a range of social engineering opportunities using file > icon and name as to make doubleclicking the file inviting. > > Like I said, I think this might be possible to work around in the > implementation by making sure to neuter all executable files before > they go to disk. > > / Jonas >
