[Gllug] p2p programs

Nix nix at esperi.org.uk
Sun Nov 13 22:20:40 UTC 2005


On Sun, 13 Nov 2005, Henry Gilbert stipulated:
> I will read it though,
> lib"Images" has been plaguing Windows and Linux as a security flaw
> for long.

I for one would appreciate it if you put at least the tiniest bit of
effort into your postings, so that, well, I could tell what on earth
you were talking about. :)

Do you mean `image libraries have a lot of security holes in them'?
Agreed, but no more than other libraries fed untrusted data, many fewer
than (e.g.) the kernel, and, er, this was a followup to an article in
which you made the (IMHO ludicrous) claim that Linux boxes with no
servers running (== no ports in LISTEN state?) were immune to attack, so
you seem to be contradicting yourself.

> But no one got into a Linux box (afaik) via this method

I wish you were right :( there are exploits out there for Firefox which
rely on holes in libpng, IIRC.

> Even an anomalous RTF file can compromise a Windows Box
> via WordPad. That bug was fixed.

MS are, how should we put it, not the fastest people out there at fixing
bugs. Mind you Oracle are (much) worse.

-- 
`Holy Google, pray for us sinners now and in the hour of our job interview.'
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug



