Tim:
>> For one thing, it's why Windows is so vulnerable. Nasty stuff
>> bypasses sensible handling, and is allowed to execute, because
>> that's what Windows does with binary program files (it executes
>> them).

Ian Malone:
> This isn't an argument for using content type rather than
> autodetection, the content type could be manipulated as part of an
> attack.

I don't agree that it's not, but you do mention yet another problem.

An example of what I meant was Windows being passed data that it says is a MIDI file. Windows thinks MIDI is benign, so allows it (likewise with users that see a MIDI file, and think it's safe to double-click on it). But rather than palm the data off to a MIDI handling program, like it should do, it snoops the file, finds out that it's an executable binary, and does what it usually does - executes it. And runs the attack.

If, on the other hand, it behaved properly, and passed the attacking binary on to the MIDI player, the MIDI player would have rejected the file, and no attack would have happened.

This isn't a made-up example, by the way. It was a very common, and very long-lived, attack vector in HTML spam mail. One that I used to see, time and time again, on mailing lists that did inadequate registration checks, and on usenet. The usual approach was to try and include the fake MIDI file as music that was supposed to automatically play in the background when the message was displayed. So all a user had to do was read the message to be attacked.

I can't think of an example in the opposite direction (where obeying the MIME type declaration would be an exploit).

-- 
[tim@localhost ~]$ uname -rsvp
Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64

All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I will only read messages posted to the public lists.

George Orwell's '1984' was supposed to be a warning against tyranny, not a set of instructions for supposedly democratic governments.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
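The mismatch Tim describes (data labelled as MIDI that is really an executable), as an added example that is not part of the original post: a receiver-side check that compares the declared type against the file's magic bytes and refuses to dispatch on the sniffed type when the two disagree. The MIME names, the small signature table and the sample byte strings are assumptions constructed for the demonstration.

```python
from typing import Optional, Tuple

# Added example, not code from the mailing-list post. Signature table and
# sample blobs below are constructed for illustration.

# Leading bytes that a declared content type must begin with.
MAGIC = {
    "audio/midi": (b"MThd",),                 # Standard MIDI file header chunk
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/gif": (b"GIF87a", b"GIF89a"),
}

# Leading bytes of native executables; these are never dispatched to a
# media handler, whatever the label claims.
EXECUTABLE_MAGIC = {
    b"MZ": "DOS/PE executable",
    b"\x7fELF": "ELF executable",
}


def sniff(data: bytes) -> Optional[str]:
    """Return the type implied by the leading bytes, or None if unknown."""
    for mime, sigs in MAGIC.items():
        if any(data.startswith(s) for s in sigs):
            return mime
    for sig, name in EXECUTABLE_MAGIC.items():
        if data.startswith(sig):
            return name
    return None


def classify(declared: str, data: bytes) -> Tuple[str, str]:
    """Decide what to do with data carrying the label `declared`.

    Returns (verdict, detail): 'dispatch' hands the data to the handler for
    the declared type; 'quarantine' flags executable content hiding behind a
    benign label; 'reject' covers any other label/content disagreement.
    Sniffing is used only to confirm the label, never to pick the handler.
    """
    actual = sniff(data)
    if actual == declared:
        return "dispatch", f"hand to the {declared} handler"
    if actual in EXECUTABLE_MAGIC.values():
        return "quarantine", f"declared {declared} but content is {actual}"
    if actual is None:
        return "reject", f"declared {declared} but no known signature matched"
    return "reject", f"declared {declared} but content looks like {actual}"


# Constructed samples: a genuine MIDI header, and a PE-style stub labelled MIDI.
REAL_MIDI = b"MThd\x00\x00\x00\x06\x00\x00\x00\x01\x00\x60"
FAKE_MIDI = b"MZ\x90\x00" + b"\x00" * 60

if __name__ == "__main__":
    for blob in (REAL_MIDI, FAKE_MIDI):
        print("audio/midi", classify("audio/midi", blob))
```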