[Mimedefang] Re: Unsafe file types
jmates at sial.org
Sun Nov 30 21:25:59 EST 2003
* Kenneth Porter <shiva at sewingwitch.com>
> Isn't there some situation where Windoze runs a program in spite of
> its name, looking at the magic inside?
I recall Microsoft Word opening "foo.rtf" (actually a Word Document) as
a Word document when I last tested it some years ago. While Word
documents are not technically executables, they can contain all sorts of
nasty mobile code (macro language), and include various other
interesting security violations (word documents being able to download
random URLs off websites behind your back).
> How about using the "file" package (which uses signatures in
> /usr/share/magic) to identify MS binaries? Does a Perl module exist
> that leverages this? If so, you could auto-detect it and use it if
file(1) varies depending on the exact flavor of unix, so it would need
to be tested against a comprehensive suite of file types to ensure
proper detection and tagging of the unacceptable file formats.
The proper security stance would be to deny all types except for a
specific list, though this runs into all sorts of problems such as when
the client-side viewers for "safe" types are flawed (image handling
libraries with buffer overflows, PDF readers that happily execute mobile
code), or when users want to use e-mail as a file system.
More information about the MIMEDefang