Vulnerability Development mailing list archives

Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs


From: 11a () GMX NET (Bluefish)
Date: Wed, 17 May 2000 03:56:31 +0200


Yeah, some upgrading will band-aid the situation, but...
You are still only seeing half of it. They are dependent on user
interaction *and* the ability for a program to own the machine.  If you

Sorry but I don't follow. IMHO they do not need to "own" the machine, just
to be "executed" upon it. Scenario: somebody decides to write a unix worm.
A perl script which spreads by mailing itself.

It will *not* own the machine. It will merely be executed. It will however
be executed with your UID and can destroy all your documents. Sure, it
won't "own" the machine (won't be root), but the effect will be almost as
bad for you.

Now, I do note the possibility to create workarounds for this, most
importantly sandboxes (setuid nobody /sandbox/bash, or even better
chrooted with limited capabilities etc) which are due to the multiuser
aware operating systems. But since sandboxes are not commonly used for
this purpose (I'm not aware of any email client offering 'secure'
execution of incoming files) at today's standard it will work.

However, I don't think it actually will spread very much. Why? Because
most unix users will reply to the sender with "hey that gotta be a virus",
and those who don't get the picture have an email client which allows you
to do stupid things that easily (I *assume* no client upon unix allows you
to execute code in one click ;)

What I wanted to show with the argument however was that as today the
differences regarding email worm-capabilities on unix is possible and the
real difference isn't the security in the operating system but that the
interfaces are more clear and it isn't so easy to do foolish things.

Oh sure. I know for a fact that KDE, a very popular Linux Window Manager,
features kmail which handles mime attachments very well. I routinely have
Mathematica launched to handle an attachment. I'm fairly certain that
popular formats like PDF, postscript etc are handled "right out of the
box."  Even if this is the only window manager available that does this
out of the box (I doubt it) the point is, there will be soon.

The security of that then relies upon the specific file formats to have
secure handlers. If it supports a scripting language, or a data format
with severe bugs, we could potentially have the same problem as we have
with VBS on W9x.

> > trait. But as I pointed out earlier, *nix has compartmentalization in the
> > design, so even if these capabilities are built into the GUI, the overall
> > ability for hostile code to damage the system is still much less than with
> > W9x because any program can basically "own" the computer in W9x if written
> > properly.

This is true. I use this by having more than one UID assigned to myself.
But AFAIK most people do *not* use more than one UID, and don't have
any kind of sandbox either. So the reports of lost media files etc. are
possible on most systems.

You will fail.  Having experience with 12,000+ user - intranets tells me
that you can't  "educate" everybody, so that is not the solution. Clear
interfaces are the band-aid.

I agree that teaching users is a dead end. There are numerous that cannot
be taught (as opposed to what some people have expressed both on list and
off list).

But I do believe it makes a difference to the users who have any clues
left: if they can easily see that they are about to execute something,
not simply "view" it, they will think twice.

That's where you are really wrong.  When the general public gets it into
their head that their data (their homework, their painting
etc.) is at the mercy of almost any bored 15 year-old and there is no
permanent solution in 9x, they'll move on.

"get into their heads" sounds very close to "educate them"... How to make
people understand what has been known for long? Personally, I believe the
average windows computer is never upgraded. The 'upgrade' comes when the
user buys a new computer.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team
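
The "execute" versus "view" distinction argued in the message above, as an added example that is not part of the original post: a check a mail client could run before opening an attachment, so the interface can say plainly which one is about to happen. The extension and MIME-type lists, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed, illustrative lists; not taken from the original post.
SCRIPT_EXTENSIONS = {".vbs", ".vbe", ".js", ".wsf", ".bat", ".exe", ".pl", ".sh"}
SCRIPT_TYPES = {"text/vbscript", "application/x-perl", "application/x-sh"}
PROGRAM_MAGIC = (b"#!", b"MZ", b"\x7fELF")  # shebang, PE header, ELF header


def classify_part(part):
    """Return 'execute' if opening the attachment would run code, else 'view'."""
    name = (part.get_filename() or "").lower()
    # Judge only the final extension, so "photo.jpg.vbs" counts as .vbs.
    ext = "." + name.rsplit(".", 1)[1] if "." in name else ""
    if ext in SCRIPT_EXTENSIONS or part.get_content_type() in SCRIPT_TYPES:
        return "execute"
    # The declared name and type can lie; the first bytes of the content cannot.
    payload = part.get_payload(decode=True) or b""
    if payload.startswith(PROGRAM_MAGIC):
        return "execute"
    return "view"


def classify_message(raw_bytes):
    """Classify every attachment of a raw RFC 822 message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return [(p.get_filename(), classify_part(p)) for p in msg.iter_attachments()]


def build_sample():
    """Constructed sample message with one document and two disguised scripts."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(b"%PDF-1.3 constructed", maintype="application",
                       subtype="pdf", filename="report.pdf")
    msg.add_attachment(b"MsgBox 1", maintype="text",
                       subtype="plain", filename="photo.jpg.vbs")
    msg.add_attachment(b"#!/usr/bin/perl\nprint 1;\n", maintype="text",
                       subtype="plain", filename="notes.txt")
    return msg


if __name__ == "__main__":
    for filename, verdict in classify_message(build_sample().as_bytes()):
        print(f"{filename}: {verdict}")
```

A client would pair an "execute" verdict with an explicit prompt, or hand the file to a handler running under a separate UID or chroot as the message suggests.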

