
List:       ubuntu-devel-discuss
Subject:    Auto File-Extension addition
From:       Yash Khosla <ykhosla () uwo ! ca>
Date:       2017-04-03 23:47:51
Message-ID: CY4PR11MB1560CE312529841117B5DB2CD0080 () CY4PR11MB1560 ! namprd11 ! prod ! outlook ! com

Hello,


I had the following concern. It's not typically a bug or a flaw but I would still like to bring it to your notice because for me, it is a bit worrying.


Here's the scenario: I have a bin file which Ubuntu (14.04 and 16.04) can run. If I make a symlink for that file and name it either 'readme', 'authors' or 'CHANGELOG', I get an icon which depicts a text file. Also, when I check the properties of this file, it says it is linked to a text document.


The worrying part here is that one could actually have a malicious bin file and he could hide it by adding a '.' at the beginning of the filename, then make a symlink and name it 'readme' or 'authors', tar/zip it, and send it to anyone. Since the victim sees a text icon and the properties of the file say it's linked to a text document, I believe the victim would open it expecting a text file to open. But instead the malicious script could run in the background and cause damage to the system.


What do you think about this? Shouldn't this assumption of the nature of the file based on the filename be abandoned?


Regards,

Yash Khosla
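
A defender-side check for the scenario in the message above, as an added example that is not part of the original post: it lists a tar archive's symlink members before extraction and flags those whose target is a hidden file, an executable file, or absent from the archive. The function names, archive layout and sample contents are constructed for illustration.

```python
import io
import posixpath
import tarfile

TEXT_LIKE = {"readme", "authors", "changelog"}  # names quoted in the message

def build_sample_archive():
    """Constructed sample input: a hidden executable plus a symlink named 'readme'."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data, mode in [("pkg/.helper", b"#!/bin/sh\nexit 0\n", 0o755),
                                 ("pkg/AUTHORS", b"plain notes\n", 0o644)]:
            info = tarfile.TarInfo(name)
            info.size, info.mode = len(data), mode
            tar.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo("pkg/readme")
        link.type, link.linkname = tarfile.SYMTYPE, ".helper"
        tar.addfile(link)
    buf.seek(0)
    return buf

def audit_symlinks(fileobj):
    """List symlink members whose target is hidden, executable or not in the archive."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        members = {posixpath.normpath(m.name): m for m in tar.getmembers()}
    for name, member in members.items():
        if not member.issym():
            continue
        # Resolve the link relative to the directory that holds it.
        target = posixpath.normpath(
            posixpath.join(posixpath.dirname(name), member.linkname))
        dest = members.get(target)
        reasons = []
        if posixpath.basename(target).startswith("."):
            reasons.append("hidden target")
        if dest is None:
            reasons.append("target not in archive")
        elif dest.isfile() and dest.mode & 0o111:
            reasons.append("executable target")
        if reasons and posixpath.basename(name).lower() in TEXT_LIKE:
            reasons.append("text-like link name")
        if reasons:
            findings.append((name, target, reasons))
    return findings

if __name__ == "__main__":
    for name, target, reasons in audit_symlinks(build_sample_archive()):
        print(f"{name} -> {target}: {', '.join(reasons)}")
```

The check reads only archive metadata, so nothing is extracted or executed while it runs.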



