[Esd-l] ZIP scanning, take two (repost)

Snowy Angelique Maslov aka 'Snowpony' snowy at snowy.org
Sun Feb 22 20:01:47 PST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 22 Feb 2004, John D. Hardin wrote:

> Question: should I make the "ZIPPED_EXECUTABLES=$POISONED_EXECUTABLES"
> the default behavior? In other words, should I force you to think
> about your zipped files policy by making it reject everything if you
> don't give a policy, or should ZIPs be trusted by default unless you
> want to be more careful.
> 
> As always, I'm leaning towards default-paranoid.

I must admit I tend to get people to zip things to get through filters on most 
systems.  However with the way Windows XP/2003 now handles zip files this 
technique is starting to have it's own security problems.  :/  I'd say perhaps 
let zips be trusted by default otherwise we are going to run out of ways of 
sending things to people ;)

- -- 
Snowy "Snowpony" Angelique Cerise Maslov -- http://snowy.org/email.signature
PGP (GnuPG) fingerprint = 5280 6EBC D281 A9D2 564B  E274 B2EC 54C3 8325 CECD
Email not addressed/CCd to snowy at snowy.org BOUNCE.  READ URL for disclaimer!
   "Ignorance killed the cat, sir. Curiosity was framed." ---C.J. Cherryh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQFAOXswsuxUw4Mlzs0RAj60AJ9ORMk1OPvKAvpk+dUjNxAFWgSrdQCfZKhp
QQ+Gs6lWHjind8d4VAqNsb8=
=Vs4Q
-----END PGP SIGNATURE-----


More information about the esd-l mailing list