On Fri, Apr 17, 2009 at 2:30 PM, Robert Heller <heller at deepsoft.com> wrote: > At Fri, 17 Apr 2009 14:07:31 -0500 CentOS mailing list <centos at centos.org> wrote: > >> >> On Fri, Apr 17, 2009 at 1:17 PM, Scott Silva <ssilva at sgvwater.com> wrote: >> > on 4-17-2009 9:33 AM Lanny Marcus spake the following: >> >> On Fri, Apr 17, 2009 at 11:25 AM, William L. Maltby >> >> <CentOS4Bill at triad.rr.com> wrote: >> >>> On Fri, 2009-04-17 at 11:13 -0500, Lanny Marcus wrote: >> >>>> On Thu, Apr 16, 2009 at 11:14 PM, Michael A. Peters <mpeters-ee4meeAH724 at public.gmane.org> wrote: >> >>>> <snip> >> >>>>> My experience is that when browsing on any OS and you come across an >> >>>>> error message stating that your computer is infected and you need to >> >>>>> install such and such software, the web site I was visiting has an XSS >> >>>>> exploit that was taken advantage of to try and get you to manually >> >>>>> install a piece of malware. >> >>>>> >> >>>>> Install the FireFox extension "noscript" and be very careful about what >> >>>>> domains you authorize scripting from. >> >> >> >> I now have NoScript installed. >> >> >> >> <snip> >> >>> You might want to also check your preferences. FF has settings about >> >>> warning about fraud sites etc. You also can affect the things that >> >>> javascripts can do and suppress pop-ups. I've encountered those things >> >>> that you mentioned and gotten no ill-effects since I just leave the site >> >>> immediately. >> >> >> >> Bill: I will double check the Firefox configuration settings, since I >> >> upgraded from CentOS 5.2 to 5.3, last Friday night. I need to be able >> >> to visit that web site, so if anything bad is coming from it (without >> >> the knowledge of the webmaster) I will hopefully avoid it, with the >> >> NoScript Firefox extension which I just installed. Lanny >> > >> > Noscript will give you an idea of just how many sites run a script of some >> > kind. You will see a large part of sites just look different when the scripts >> > don't run, and some don't function at all. Not that it is a bad thing, it will >> > just make you think a lot. >> > >> > >> > _______________________________________________ >> > CentOS mailing list >> > CentOS at centos.org >> > http://lists.centos.org/mailman/listinfo/centos >> > >> > >> >> Remember the NeXT step days (for me, mid 90's) when a single >> executable binary file contained both intel and PowerPC/Motorola code. >> When clicked, it would execute the intel code on the intel platform >> and the PowerPC/Motorola code on the PowerPC/Motorola platform. I >> think it would be cool to have Portable App executables that run under >> both Linux and Windows because life would be easier, but the security >> problem would be too much of a downside -- a single binary that roots >> both Linux and Windows. > > There is something called a StarKit that can be used to encapsulate > Tcl/Tk programs. The StarKit can be treated as an executable that will > run on any machine with a suitable Tclkit installed. It is also > possible to combine the Tclkit with the StarKit, creating a StarPack, > which is a self-contained executable. > >> >> It is easy to write an executable binary for Linux that ends in .exe - >> so that is don't think that is any protection at all. > > Linux does not care about file *names*. A file is executable if its x > bit is set AND it is recognized as an executable. That is one of: > > 1) file with the magic 'ELF' header (the # bits, bit order, and arch > have to match what your kernel can deal with) > 2) a Java jar file (if you have Java installed and configured for this usage) > 3) a MS-Windows executable (if you have Wine installed AND the path is > somewhere that maps to a MS-Windows drive AND Wine is configured for > this usage) > 4) an ASCII file with a '#!' as its first line and the path there names an > executable file. > > MacOSX also supports 'universal binaries' (binaries that run on Intel or > PowerPC processors). > >> >> Clicking "Cancel" on these dialogs or X could still launch the >> executable - safest thing to do would be to kill firefox. >> >> Further recommend NoScript and SiteAdvisor simultaneously. Recommend >> against wine and even more so against the Internet Explorer >> whatchamacallit for Firefox including on wine. >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> >> > > -- > Robert Heller -- 978-544-6933 > Deepwoods Software -- Download the Model Railroad System > http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows > heller at deepsoft.com -- http://www.deepsoft.com/ModelRailroadSystem/ > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > Robert Heller, excellent post!