From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Chris Moore <dooglus@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: C file recoginzed as image file
Date: Tue, 09 Jan 2007 23:58:42 +0100
Message-ID: <m2y7oboli5.fsf@gmail.com>
References: <loom.20070105T152213-693@post.gmane.org>
	<m2y7ohy0s1.fsf@gmail.com>
	<f7ccd24b0701051102n4866b1cbi35465c3a22291ba4@mail.gmail.com>
	<jwvlkkgyhcv.fsf-monnier+emacs@gnu.org>
	<E1H3OzT-0001gy-8M@fencepost.gnu.org> <m28xgfmcma.fsf@gmail.com>
	<E1H3n8b-00045X-G1@fencepost.gnu.org> <m27ivxej74.fsf@gmail.com>
	<E1H44QT-0007FM-MP@fencepost.gnu.org> <uslekfiww.fsf@member.fsf.org>
	<f7ccd24b0701090525q6737c13dxe45a85b3993fec3f@mail.gmail.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1168383600 4601 80.91.229.12 (9 Jan 2007 23:00:00 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Tue, 9 Jan 2007 23:00:00 +0000 (UTC)
Cc: Stephen Leake <stephen_leake@member.fsf.org>, emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Jan 09 23:59:57 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1H4Pwh-0002zm-UE
	for ged-emacs-devel@m.gmane.org; Tue, 09 Jan 2007 23:59:57 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1H4Pwg-0001C8-N8
	for ged-emacs-devel@m.gmane.org; Tue, 09 Jan 2007 17:59:54 -0500
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1H4Pvf-0000av-GR
	for emacs-devel@gnu.org; Tue, 09 Jan 2007 17:58:51 -0500
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1H4Pvd-0000YU-O1
	for emacs-devel@gnu.org; Tue, 09 Jan 2007 17:58:51 -0500
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1H4Pvd-0000YG-Jp
	for emacs-devel@gnu.org; Tue, 09 Jan 2007 17:58:49 -0500
Original-Received: from [66.249.92.171] (helo=ug-out-1314.google.com)
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1H4Pvc-0001W3-Pv
	for emacs-devel@gnu.org; Tue, 09 Jan 2007 17:58:49 -0500
Original-Received: by ug-out-1314.google.com with SMTP id j3so7478205ugf
	for <emacs-devel@gnu.org>; Tue, 09 Jan 2007 14:58:47 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:to:cc:references:from:date:in-reply-to:message-id:user-agent:mime-version:content-type:x-sa-exim-connect-ip:x-sa-exim-mail-from:x-spam-checker-version:x-spam-level:x-spam-status:subject:x-sa-exim-version:x-sa-exim-scanned:sender;
	b=YR//+i6pAbG2qmltV8HMgu+L5J8Fqvq1sZSuk7K+hOD6LNAQNKmzNsQHVnYMbfD8AbBwF6AdYttMwDTekdRRrRhI/pMNBXkuoMfXYRjV+88ol5CjzuiC05J9o7YWsVUN8RYtisv2OuSTfQS/mOngUqUezvwj9PLU/g72GQZpJFA=
Original-Received: by 10.67.117.2 with SMTP id u2mr36734494ugm.1168383526603;
	Tue, 09 Jan 2007 14:58:46 -0800 (PST)
Original-Received: from chrislap.local ( [89.176.28.156])
	by mx.google.com with ESMTP id o1sm34026332uge.2007.01.09.14.58.45;
	Tue, 09 Jan 2007 14:58:45 -0800 (PST)
Original-Received: from localhost ([127.0.0.1] helo=chrislap.local)
	by chrislap.local with esmtp (Exim 4.63)
	(envelope-from <dooglus@gmail.com>)
	id 1H4PvW-0003qt-HV; Tue, 09 Jan 2007 23:58:43 +0100
Original-To: "Juanma Barranquero" <lekktu@gmail.com>
In-Reply-To: <f7ccd24b0701090525q6737c13dxe45a85b3993fec3f@mail.gmail.com>
	(Juanma Barranquero's message of "Tue\,
	9 Jan 2007 14\:25\:43 +0100")
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.92 (gnu/linux)
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: dooglus@gmail.com
X-SA-Exim-Version: 4.2.1 (built Tue, 09 Jan 2007 17:23:22 +0000)
X-SA-Exim-Scanned: Yes (on chrislap.local)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:65088
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/65088>

"Juanma Barranquero" <lekktu@gmail.com> writes:

> Are you proposing also that we reject (or warn about) a .PNG file
> disguised as a .JPG, for example?

About a year ago, it became apparent that MS Windows would execute
arbitrary code when displaying a specially constructed .wmf file.

Microsoft were quite slow issuing a fix for this vulnerability.  A lot
of companies blocked .wmf attachments on their firewalls in an attempt
to protect themselves.

As a result, the attackers simply renamed their dangerous .wmf files
to .jpg.  This continued to work because Windows looks at the file's
contents, sees that it's not really a JPG image but a WMF image, and
displays it using the vulnerable code.

The vulnerability was relatively well known at the time, and people
who knew about it knew not to attempt to view WMF images using
Windows.  What was more of a surprise was that .jpg and .gif files,
where double clicked could turn out to be WMF images in disguise.

I don't think we should make the same mistake that Windows makes of
silently ignoring the file extension.  The default should be to warn
the user if the contents disagree with the extension, and people who
don't want this warning should be able to turn it off using the
customize interface.