[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] --trust-server-names

From: Ángel González
Subject: Re: [Bug-wget] --trust-server-names
Date: Sat, 14 Apr 2012 16:02:57 +0200
User-agent: Thunderbird

On 14/04/12 02:17, David H. Lipman wrote:
> I eat PDF Exploit files for breakfast. 

>>>> And how about a server that calls its malware ".bashrc"?
>>> Since it is a non standard named file, I will open it in FileInsight
>>> and examine the binary.  If I don't recognize its format, I'll run the
>>> TrID plug-in and detrrmine its format.  I will treat the file
>>> accordingly.
>> .bashrc is the name of a file executed automatically by bash(1) on
>> startup if present in the home folder. As such, that can lead to code
>> execution.
> Not on Windows.
Unless you use eg. msys

I was explaining the vulnerability. If you feel you're safe, you can go
with the
option. We assume you'll be careful enough not to shoot yourself in the


reply via email to

[Prev in Thread] Current Thread [Next in Thread]