Daryle Walker wrote:
But standard archive formats are not executable in and of themselves.
As I mentioned elsewhere, that is irrelevant.
Expanding a passive archive won't initiate any attack vectors for mal-ware.
Yes it can. And has been historically, re: tiff, png, jpeg, shown that bugs in non-embeded expanders can be exploited even with "passive" archives.
An archive with executable code attached adds a potential attack vector with dubious benefit.
Do you consider the following a dubious benefit: * A guaranteed extraction performance. * A guaranteed construction performance. * A 200% compression improvement. (ZIP = 17.7M, EXE = 8.5M) And hence a download improvement.
(The real problem is that the OP's un-zipper sucked performance-wise, but an embedded one may be just as bad. The fix is to use a better extractor.)
Yes. And a self-extractor is one way to provide such a better extractor.
Whether or not the files _within_ the archive have been perverted is a separate matter from what I originally talked about.
But the executable part of a self-extractor is "within" the archive. It is attacked the same way you would the rest of the archive content. -- -- Grafik - Don't Assume Anything -- Redshift Software, Inc. - http://redshift-software.com -- rrivera/acm.org - grafik/redshift-software.com - 102708583/icq