Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!cs.utexas.edu!tut.cis.ohio-state.edu!uoft02!grx1042
From: grx1042@uoft02.utoledo.edu (Steve Snodgrass)
Newsgroups: comp.sys.amiga
Subject: Re: Self Extracting Archives
Message-ID: <79.25f87ef0@uoft02.utoledo.edu>
Date: 10 Mar 90 09:13:36 GMT
References: <55.25f441b5@uoft02.utoledo.edu> <195@sai.UUCP> <2675@leah.Albany.Edu>
Distribution: na
Organization: SUBTEC
Lines: 26

In article <2675@leah.Albany.Edu>, wfh58@leah.Albany.Edu (William F. Hammond) writes:

> The only way that I would execute a self-extracting archive is if
> 1) I could afford to have an unexpected crash;
> 2) All of my resources were write protected except for ram:
> 3) I personally knew the creator of the archive and knew about everyone
>    with whom the archive creator had shared software.
> It's a dangerous world out there, and there is no point doing unnecessarily
> dangerous things.  Self-extracting archives are a safe idea only in utopia
> or within a very secure office environment.  They are never a good idea.
>  -- Bill

I'll try not to be insulting, but this is a very stupid attitude.  Has it
occured to you that there is basically no difference between executing a self
extracting archive, and extracting some stuff from an archive then executing
that?  Either way, you run the same risk that some jerk who is out to cause
trouble created the archive.  The archive could even contain fake documentation
and such.  In short, there is no secuirty advantage to non-self-extracting
archives. 

/\=======================================================================/\
\/ Reality: Steve Snodgrass  |"Volts embodied intent, and Amps were the  \/
/\  -^-^- Cyberspace -^-^-   | runners who carried out those intentions, /\
\/ GRX1042@uoft02.utoledo.edu| against the Ohms." -Gregory Benford, ToL  \/
/\ GRX1042@uoft02.BITNET     | Sleep is a luxury, spare time a myth. -me /\
\/ uoft02::GRX1042 (DECnet)  | Recumbent Amigas - the only way to hack.  \/