> Alan Cox wrote:
> > It does SYN checking. If you are running 'serious' security you wouldnt be
> > allowing outgoing connections anyway. One windows christmascard.exe virus that
> > connects back to an irc server to take input and you are hosed.
>
> Thankfully, pine and mutt are, to date, immune to that kind of thing. :)
There have been at least five holes found in pile that _could_ have been
exploited, and even one in all xterms pre X11R6 where ascii+escape codes
was all you needed.
Mutt has had minor things fixed for security reasons too.
It's harder. But you ignore two things - once someone does it anyone can
repeat it - and more importantly almost all exploits rely on user error.
Linux users are not always brighter than windows ones and there isnt a lot
you can do to make them smarter
Think of computer security like powertools. The day you think you are totally
safe is the day you end up hurt.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Dec 23 2000 - 21:00:27 EST