[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GNU Sharutils and security
|
From: |
Bruno Haible |
|
Subject: |
Re: GNU Sharutils and security |
|
Date: |
Thu, 01 Jul 2004 18:45:47 +0200 |
> Somebody out there who wants to take over the sharutils package?
Before that, maybe it's time to split that package? uuencode and uudecode are
occasionally
useful and can therefore be reasonably part of a distribution. However, shar
and unshar
being a security leak by design, and being obsoleted by the addition of MIME
attachments
to email protocols, I think shar and unshar shouldn't be installed on any Unix
system by
default.
It's well-known that MSIE is a trojan horse and virus downloading engine, but
in our camp
shar and unshar are similar, and we should address this issue.
Therefore, how about removing shar and unshar from the sharutils, or splitting
sharutils
into a useful and harmless package and a separate security -killer package?
Bruno
_______________________________________________________
WEB.DE Video-Mail - Sagen Sie mehr mit bewegten Bildern
Informationen unter: http://freemail.web.de/?mc=021199
- Re: GNU Sharutils and security,
Bruno Haible <=
- Re: GNU Sharutils and security, Stepan Kasal, 2004/07/01
- Message not available
- Re: GNU Sharutils and security, Paul Eggert, 2004/07/01
- Re: GNU Sharutils and security, Paul Jarc, 2004/07/01
- Re: GNU Sharutils and security, Bruce Korb, 2004/07/01
- Re: GNU Sharutils and security, Paul Eggert, 2004/07/02
- Re: GNU Sharutils and security, Bruce Korb, 2004/07/02
- Re: GNU Sharutils and security, Paul Jarc, 2004/07/02
- Re: GNU Sharutils and security, Stepan Kasal, 2004/07/02