At Fri, 17 Apr 2009 14:07:31 -0500 CentOS mailing list centos@centos.org wrote:
On Fri, Apr 17, 2009 at 1:17 PM, Scott Silva ssilva@sgvwater.com wrote:
on 4-17-2009 9:33 AM Lanny Marcus spake the following:
On Fri, Apr 17, 2009 at 11:25 AM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Fri, 2009-04-17 at 11:13 -0500, Lanny Marcus wrote:
On Thu, Apr 16, 2009 at 11:14 PM, Michael A. Peters mpeters-ee4meeAH724@public.gmane.org wrote:
<snip> > My experience is that when browsing on any OS and you come across an > error message stating that your computer is infected and you need to > install such and such software, the web site I was visiting has an XSS > exploit that was taken advantage of to try and get you to manually > install a piece of malware. > > Install the FireFox extension "noscript" and be very careful about what > domains you authorize scripting from.
I now have NoScript installed.
<snip> > You might want to also check your preferences. FF has settings about > warning about fraud sites etc. You also can affect the things that > javascripts can do and suppress pop-ups. I've encountered those things > that you mentioned and gotten no ill-effects since I just leave the site > immediately.
Bill: I will double check the Firefox configuration settings, since I upgraded from CentOS 5.2 to 5.3, last Friday night. I need to be able to visit that web site, so if anything bad is coming from it (without the knowledge of the webmaster) I will hopefully avoid it, with the NoScript Firefox extension which I just installed. Lanny
Noscript will give you an idea of just how many sites run a script of some kind. You will see a large part of sites just look different when the scripts don't run, and some don't function at all. Not that it is a bad thing, it will just make you think a lot.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Remember the NeXT step days (for me, mid 90's) when a single executable binary file contained both intel and PowerPC/Motorola code. When clicked, it would execute the intel code on the intel platform and the PowerPC/Motorola code on the PowerPC/Motorola platform. I think it would be cool to have Portable App executables that run under both Linux and Windows because life would be easier, but the security problem would be too much of a downside -- a single binary that roots both Linux and Windows.
There is something called a StarKit that can be used to encapsulate Tcl/Tk programs. The StarKit can be treated as an executable that will run on any machine with a suitable Tclkit installed. It is also possible to combine the Tclkit with the StarKit, creating a StarPack, which is a self-contained executable.
It is easy to write an executable binary for Linux that ends in .exe - so that is don't think that is any protection at all.
Linux does not care about file *names*. A file is executable if its x bit is set AND it is recognized as an executable. That is one of:
1) file with the magic 'ELF' header (the # bits, bit order, and arch have to match what your kernel can deal with) 2) a Java jar file (if you have Java installed and configured for this usage) 3) a MS-Windows executable (if you have Wine installed AND the path is somewhere that maps to a MS-Windows drive AND Wine is configured for this usage) 4) an ASCII file with a '#!' as its first line and the path there names an executable file.
MacOSX also supports 'universal binaries' (binaries that run on Intel or PowerPC processors).
Clicking "Cancel" on these dialogs or X could still launch the executable - safest thing to do would be to kill firefox.
Further recommend NoScript and SiteAdvisor simultaneously. Recommend against wine and even more so against the Internet Explorer whatchamacallit for Firefox including on wine. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos