|Search Pine Information Center|
Making your system as secure as possible is an important first step to making your applications, including Pine, more secure. The following links provide resources to help you make your system more secure:
Many people have inquired about a recent widely-distributed message describing a "remote exploit in pine," specifically, a "vulnerability in the metamail package used with pine" and a claim that the "`" character "is incorrectly expanded by pine."
We believe the following to be true:
We do not agree that the "`" character "is incorrectly expanded by pine." Rather, we believe that Pine correctly implements RFC-1524. However, it is possible to modify Pine to preclude mailcap parameter substitution and thereby avoid mailcap risks at sites where faulty mailcap files may be installed. A patch to do this for Pine 4.10 is available. Obviously, this patch will also break any legitimate mailcap entries that depend on parameter substitution.
While one could modify Pine to guard against the particular exploit permitted by the mailcap entries in question, it is very difficult to conceive of a truly safe "paranoid mode" other than disabling parameter substitution entirely. However, we suspect most people will find it far easier to remove any unsafe entries from their mailcap configuration file.
The answer is, "yes," since email attachments sent to you can be arbitrary programs containing a virus, or they can be documents containing so-called "macro viruses." But remember that viruses are computer programs, which must come as attachments, while electronic mail often consists merely of plain text. You cannot get a virus from a plain text email message, but you can get one from an attachment to a plain email message.
Since most email programs permit users to send "attachments," and these attachments can be executable programs, you need to be careful. Nevertheless, you cannot get a virus from an attachment unless you run the program. Pine will always ask you to confirm that you wish to view an email attachment before doing anything else, such as running a program that views the attachment or even executing the attachment itself (if it is a runnable program file). Remember, if you tell Pine to view an attachment, in many cases the associated application (such as Word) will automatically be run. If in doubt, do not view the attachment. Instead, check it first with a virus checker or just delete it.
Keep in mind, as well, that modern spreadsheet programs and word processing programs have full-featured macro languages, and that some people have written viruses that take advantage of this. For this reason, an attached spreadsheet or document could contain an executable macro program, and that program could conceivably be a virus. To prevent this, you can disable the macro language in your spreadsheet or word processing program. Be aware, though that this might disable useful features, too. (As an alternative to disabling macros in MS Word, try Nancy McGough's tips on Avoiding MS Word Macro Viruses.) Instead, or in addition to this, you can make sure to always use a virus checker. Again, try to only accept files from trusted sources, but take your own precautions as well.
Yahoo! provides lists on virus information.
The Internet is constantly being flooded with information about computer viruses. However, interspersed among real virus notices are computer virus hoaxes. While these hoaxes do not infect systems, the flood of email messages they generate is nevertheless time consuming and costly to handle. Therefore, before broadcasting a warning that you received via email, it would be a good idea to check with trusted computer support people. There are well-developed methods for distributing information about viruses and it would be better for interested people to check with those resources rather than pass on questionable information.
You'll find examples of confirmed hoaxes, information about how to identify a hoax, and what to do when you receive a virus warning at: http://hoaxbusters.ciac.org/
Another useful Web site is the "Computer Virus Myths home page" (http://www.vmyths.com/) which contains descriptions of several known hoaxes. In most cases, common sense would eliminate Internet hoaxes.
There is a problem with pre-SP1 (Service Pack 1) versions of Windows 2000 that causes wildcard SSL certificates to fail. This was actually a design feature in that version, which Microsoft was persuaded to revoke.
|Search Pine Information Center|