Path: utzoo!censor!geac!torsqnt!lethe!yunexus!ists!helios.physics.utoronto.ca!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!mintaka!yale!cs.utexas.edu!sun-barr!newstop!exodus!bendenweyr!flar
From: flar@bendenweyr.Eng.Sun.COM (Jim Graham)
Newsgroups: comp.sys.next
Subject: Re: "file" operator disabled on NeXT 2.0
Message-ID: <6453@exodus.Eng.Sun.COM>
Date: 23 Jan 91 05:43:37 GMT
References: <1991Jan21.225155.6821@ni.umd.edu>> <SCOTT.91Jan21214045@Kolmogorov.gac.edu> <1991Jan22.125306.18872@ni.umd.edu>
Sender: news@exodus.Eng.Sun.COM
Reply-To: flar@bendenweyr.Eng.Sun.COM (Jim Graham)
Organization: Sun Microsystems, Inc.
Lines: 18

Everyone is ignoring the possibility that I might send out a 15 page
document formatted into PostScript in the middle of which I have hidden
(through the use of obscure indentation and nasty confusing comments all
around) the code which does the dirty deed of modifying your .cshrc.

Then if you preview this file or print it out using the native PS
interpreter built into your machine, I have access to your file
system.

Now are you really planning on scanning every bit of PS that someone
sends you for PS worms?

Sure, if I put it in a mail message, you can always disable an
"automatically run included PS" feature of your mailer and it will
then stick out like a sore thumb, but there are plenty of ways to
get you to voluntarily run the PS yourself by hand.

					...jim