[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] --trust-server-names
From: |
Ángel González |
Subject: |
Re: [Bug-wget] --trust-server-names |
Date: |
Sat, 14 Apr 2012 16:02:57 +0200 |
User-agent: |
Thunderbird |
On 14/04/12 02:17, David H. Lipman wrote:
> I eat PDF Exploit files for breakfast.
>>>> And how about a server that calls its malware ".bashrc"?
>>>>
>>> Since it is a non standard named file, I will open it in FileInsight
>>> and examine the binary. If I don't recognize its format, I'll run the
>>> TrID plug-in and detrrmine its format. I will treat the file
>>> accordingly.
>> .bashrc is the name of a file executed automatically by bash(1) on
>> startup if present in the home folder. As such, that can lead to code
>> execution.
>
> Not on Windows.
Unless you use eg. msys
I was explaining the vulnerability. If you feel you're safe, you can go
with the
option. We assume you'll be careful enough not to shoot yourself in the
foot.
Regards
- [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Ángel González, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Micah Cowan, 2012/04/12
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/12
- Re: [Bug-wget] --trust-server-names, Ángel González, 2012/04/13
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/13
- Re: [Bug-wget] --trust-server-names,
Ángel González <=
- Re: [Bug-wget] --trust-server-names, David H. Lipman, 2012/04/14