Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!mailrus!umich!caen.engin.umich.edu!chrisl From: chrisl@caen.engin.umich.edu (Chris Lang) Newsgroups: comp.sys.amiga Subject: Re: Self Extracting Archives Message-ID: <492d7755.1a5bf@moth.engin.umich.edu> Date: 13 Mar 90 05:00:00 GMT References: <55.25f441b5@uoft02.utoledo.edu> <195@sai.UUCP> <2675@leah.Albany.Edu> <79.25f87ef0@uoft02.utoledo.edu> <10102@cbmvax.commodore.com> <90.25fc5fd6@uoft02.utoledo.edu> Distribution: na Organization: University of Michigan, Ann Arbor Lines: 26 In article <90.25fc5fd6@uoft02.utoledo.edu> grx1042@uoft02.utoledo.edu (Steve Snodgrass) writes: > Have you considered this: given a self extracting archive, you can generally >list the files it contains. Thus, you know immediately that you're just going >to unpack some files, or if the archive is fake. The only current >self-extracting format available on Amiga is PAK (a horrible program, I might >mention) which is capable of listing contents if you have it around. I expect >that Lharc self-extracting format will be available soon, also with listing >capability. This, you can easily check to see what you're executing is really >an archive. Anyone who was going to go to the trouble of distributing malicious code under the guise of a self-extracting archive could very easily create fake code to mimic a file listing, no? Or even use a real archive and just change the executable code, so it would look, for all intents and purposes, exactly like a real archive. (Sounds a little paranoid, I suppose, but there are a lot of creeps out there...for proof, take a look through the VirusX docs. Those babies didn't write themselves.) -Chris ----- Chris Lang, University of Michigan, College of Engineering +1 313 763 1832 4622 Bursley, Ann Arbor, MI, 48109 chrisl@caen.engin.umich.edu WORK: National Center for Manufacturing Sciences, 900 Victors Way, Suite 226, Ann Arbor, MI, 48108 +1 313 995 0300 "I hate quotations. Tell me what you know." - Ralph Waldo Emerson