Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!mailrus!umich!caen.engin.umich.edu!chrisl
From: chrisl@caen.engin.umich.edu (Chris Lang)
Newsgroups: comp.sys.amiga
Subject: Re: PkaWare/PkaZip
Message-ID: <492d6efa.1a5bf@moth.engin.umich.edu>
Date: 13 Mar 90 05:00:00 GMT
References: <55.25f441b5@uoft02.utoledo.edu> <195@sai.UUCP> <2675@leah.Albany.Edu> <2605@gmu90x.gmu.edu>
Distribution: na
Organization: University of Michigan, Ann Arbor
Lines: 25

In article <2605@gmu90x.gmu.edu> jbaker@gmu90x.UUCP (John Baker) writes:
>In article <2675@leah.Albany.Edu> wfh58@leah.Albany.Edu (William F. Hammond) writes:
>How is a self-extracting file archive any more dangerous than the executable
>inside the archive?  For some reason everyone was scared of PAK, even after
>an un-archiver was written for those who were afraid of PAK files.  But
>trojan horses can just as easily be attached to the program you un-zoo or
>un-lharc...

I thought this was covered, but...  The reason a self-extracting file is more
dangerous is that you have no control over it.  You either run it or you
don't.  If I un-ZOO an archive, I can do whatever I want to with the final
executable.  Assuming I trust the authors of the archiving program, there is
no danger to my system unbtil I CHOOSE to run a program.  With a self-extracter,
there is no telling what it might do.  

>John Baker
>jbaker@gmuvax.gmu.edu

 -Chris
-----
Chris Lang, University of Michigan, College of Engineering    +1 313 763 1832
      4622 Bursley, Ann Arbor, MI, 48109          chrisl@caen.engin.umich.edu 
WORK: National Center for Manufacturing Sciences, 
      900 Victors Way, Suite 226, Ann Arbor, MI, 48108        +1 313 995 0300
"I hate quotations.  Tell me what you know."  - Ralph Waldo Emerson