mailing list archives
Re: RE: Unchecked buffer in mstask.dll
From: Tim <tim-security () sentinelchicken org>
Date: Wed, 14 Jul 2004 21:40:56 -0700
Hm... who really knows why MS does a lot of the things they do? I'd
guess that the reason it works is more because of they way Windows
handles executables or something... considering that .pifs aren't
commonly seen these days, and the fact that most people wouldn't think
to switch the extension. Then again... people can be marvelously
stupid. Don't give the end user any credit of intelligence, and you'll
probably end up about right.
Well, the whole idea of relying on part of a file's name to determine
how it is opened is just plain stupid, IMHO. If I took the name plate
off of a ford, and stuck it on my nissan, would my mechanic put ford
parts into it when I took it in for repair?
(Yeah, I know, I used the tired-old automobile analogy, but I am too
tired right now to come up with something better.)
Full-Disclosure - We believe in it.
RE: Unchecked buffer in mstask.dll Thor Larholm (Jul 15)
RE: RE: Unchecked buffer in mstask.dll Polazzo Justin (Jul 25)