Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uwm.edu!lll-winken!decwrl!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: OSPWD@EMUVM1.BITNET (Peter W. Day)
Newsgroups: comp.virus
Subject: Re: WDEF and AppleShare (Mac)
Message-ID: <0003.9002121648.AA15294@ge.sei.cmu.edu>
Date: 9 Feb 90 13:50:00 GMT
Sender: Virus Discussion List <VIRUS-L@IBM1.CC.Lehigh.EDU>
Lines: 14
Approved: krvw@sei.cmu.edu

Re the discussion of infection of AppleShare servers by WDEF and
whether to run GateKeeper there, and Brian Bechtel's point that the
server does not use its desktop file, so the disktop file can be
removed, after which the server can not be infected by WDEF.

Even if you leave the file "desktop" on the server, that file is not
seen by clients (even using programs that can see the desktop file on
local disks), so it appears that there is no way a client can infect
an AppleShare server with WDEF.  Clearly you could do so by putting an
infected diskette in the server when it was running as a workstation
(e.g. by booting it using an infected diskette).  But could you infect
the server by inserting an infected diskette in it while it was
running as a server? Once infected, will the server infect local disks
of clients?