- From: Dennis Joachimsthaler <dennis@efjot.de>
- Date: Thu, 26 May 2011 22:40:40 +0200
Am 26.05.2011, 22:33 Uhr, schrieb Boris Zbarsky <bzbarsky at mit.edu>: > On 5/26/11 3:12 PM, Dennis Joachimsthaler wrote: >> Oh I see the problem... Is it the bang? #!/bin/perl #!/bin/python >> #!/bin/bash >> could very well result in the text file being executed in one of those >> interpreters, >> right? > > Yes, but even worse on some systems a .pl file will just handed over to > the registered handler for those (often a Perl interpreter) if you try > to "open" it (which is a different operation from "execute" and can be > done even on files that are not executable; think double-clicking the > file in a file manager). > > -Boris Ah, I see. So the people using the GUI are in the gutter? Which are also the people that are inexperienced and would be prone to such attacks. Damn. Though I think it still would happen rarely that a pl file gets downloaded. I mean who on the most popular system, Windows, has a Perl interpreter installed? - Dennis Joachimsthaler
Received on Thursday, 26 May 2011 13:40:40 UTC