19 Dec
2011
19 Dec
'11
6:54 p.m.
On 12/19/2011 5:02 PM, Fred Cisin wrote:
On Mon, 19 Dec 2011, Holm Tiffe wrote:
In my experience in a previous job as a sysadmin of NT 4.0 boxes (around
1998), I can say that having an "Exec" bit for Windows binaries would
have slowed virus spread, but only just.
You would not -believe- the lengths some of our users would go through
to (manually!) install malware. Users would get an e-mail with a
password-protected ZIP file as an attachment ("ElfBowling.zip" or
"NakedWomen.zip"), and the e-mail itself would contain detailed
instructions for installing the damned thing since you couldn't just
double-click on the attachment.
Disregarding all advice we'd repeated about not running stuff that came
in e-mail, our users would faithfully follow the e-mail instructions to
the letter and get their machines infected (well, no, the virus scanner
would catch it, thankfully).
If Windows had an "Exec" bit the instructions in the e-mail would have
been just be one line longer.
- Josh
No. There are other mechanisms that differentiate
what file can be executed
and wich not, not dependign on the file name. The long directoy listing
shows what is executable:
MS-DOS has a byte for "attribute";
it is too bad that they didn't use one of those bits for "executable"!