You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Danny Angus <da...@apache.org> on 2003/06/22 23:14:16 UTC
filetype magic
I feel compelled to mention that magic is only ever an informed guess, and I'm convinced that faking magic isn't beyond the ability of smart bad people, if theres a gain to be made.
> > After reading your http://www.alaska.net/~royce/pub/solaris/MAGIC
> > link I see what it is all about.
>
> For those who don't understand, yet, this might help:
>
> http://www.halley.cc/ed/linux/newcomer/filename.html
RE: filetype magic
Posted by "Noel J. Bergman" <no...@devtech.com>.
> you could get bytes into a machine in the guise of the image bytes of a
gif or jpeg.
> there could still be uses for it *IF* it became a way round anti-virus
software.
Yes, but the way I've suggested using it was as suppliment to a/v software,
not a replacement. Any mismatch would be a rejection, but a positive match
doesn't imply a free ride.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: filetype magic
Posted by Danny Angus <da...@apache.org>.
> Faking to be a desirable type won't achieve the
> goal. It would just be a corrupt file.
No it wouldn't, you could get bytes into a machine in the guise of the image bytes of a gif or jpeg.
OK thats not executable, but there could still be uses for it *IF* it became a way round anti-virus software.
d.
RE: filetype magic
Posted by "Noel J. Bergman" <no...@devtech.com>.
> I feel compelled to mention that magic is only ever an informed guess,
> and I'm convinced that faking magic isn't beyond the ability of smart
> bad people, if theres a gain to be made.
True. But what would be the point? Faking to be an undesirable type would
be counter-productive. Faking to be a desirable type won't achieve the
goal. It would just be a corrupt file.
As I see it, checking the magic is just one way to keep someone from
slipping an executable in under the guise of a benign attachment.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org