Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!pacbell.com!iggy.GW.Vitalink.COM!widener!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: MAINT@UQAM.BITNET (Peter Jones)
Newsgroups: comp.virus
Subject: re: What's so bad about self-extracting archives?
Message-ID: <0009.9105081310.AA02449@ubu.cert.sei.cmu.edu>
Date: 7 May 91 18:38:04 GMT
Sender: Virus Discussion List
Lines: 22
Approved: krvw@sei.cmu.edu

On Mon, 06 May 91 15:08:43 -0400 you said:
>>From: Murray_RJ@cc.curtin.edu.au
>
>>The other objection I have with self-extracting
>>archives is that you're stuck with extracting the whole lot, even if
>>you only want to find out what the !@#$%^&*() thing does.

One objection I have is the lack of a guarantee that the incoming
extraction code doesn't have a trojan lurking in it. This is a
well-known security risk in UNIX self-extracting SHAR archives. There's
an un-archiver on SIMTEL20 that runs without executing incoming code,
allowing incoming programs to be inspected.

Another is the unexpected increase in disk space use when the archive
is run, and starts extracting itself unexpectedly.

Peter Jones     (514)-987-3542
Internet:Peter Jones     UUCP: ...psuvax1!uqam.bitnet!maint
N.B. "Our customers will forgive a one-time error far more quickly than they
will forgive our inability to correct that error." - Karen Ward (wardk@cse.ogi.edu)
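
Added example, not part of the original post and not the SIMTEL20 un-archiver it mentions: a sketch of reading a shar as text instead of running it, so the member files and any shell commands the archive would have executed can be inspected first. It assumes the common `sed 's/^X//' > file << 'MARKER'` member layout; the `EXPECTED` allowlist, the function name and the sample archive are constructed for illustration.

```python
import re

# Member header in the assumed layout:  sed 's/^X//' > NAME << 'MARKER'
HEREDOC = re.compile(
    r"^\s*sed\s+'s/\^X//'\s*>\s*(?P<name>\S+)\s*<<\s*\\?'?(?P<end>\w+)'?\s*$")
# Verbs a plain shar wrapper normally needs (assumed allowlist).
EXPECTED = {"echo", "if", "then", "else", "fi", "test", "exit", "mkdir", "chmod"}

def inspect_shar(text):
    """Parse shar text without running it. Returns (members, suspicious):
    members maps name -> content, suspicious lists (line_no, line) to review."""
    members, suspicious = {}, []
    name, end, body = None, None, []
    for no, line in enumerate(text.splitlines(), 1):
        if name is not None:                      # inside a here-document: data only
            if line == end:
                members[name] = "\n".join(body) + "\n"
                name = None
            else:                                 # drop the leading X guard
                body.append(line[1:] if line.startswith("X") else line)
            continue
        m = HEREDOC.match(line)
        if m:
            name, end, body = m.group("name").strip("'\""), m.group("end"), []
            if name.startswith("/") or ".." in name.split("/"):
                suspicious.append((no, line))     # would write outside current dir
            continue
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if stripped.split()[0] not in EXPECTED or re.search(r"[;|&`]|\$\(", stripped):
            suspicious.append((no, line))         # code that extraction would run
    if name is not None:                          # archive ended mid-member
        suspicious.append((0, "unterminated here-document for " + name))
    return members, suspicious

SAMPLE = """#!/bin/sh
# This is a shell archive (constructed sample).
echo x - hello.txt
sed 's/^X//' > hello.txt << 'SHAR_EOF'
XHello, world.
XThis line is data, not a command.
SHAR_EOF
touch /tmp/shar-was-here
sed 's/^X//' > ../evil.sh << 'SHAR_EOF'
Xecho hi
SHAR_EOF
exit 0
"""
```

Calling `inspect_shar(SAMPLE)` returns both member bodies as strings and flags the stray `touch` command and the `../` write target, without anything having been written to disk or executed.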