realbasic-nug
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: ClamXav & REALbasic - trojans?

from [Arnaud Nicolet] [Permanent Link][Original]
To: REALbasic NUG <realbasic-nug@lists.realsoftware.com>
Subject: Re: ClamXav & REALbasic - trojans?
From: Arnaud Nicolet <anic297@mac.com>
Date: Mon, 29 Dec 2008 20:03:43 +0100
Authentication-results: mx.google.com; spf=neutral (google.com: 74.124.194.228 is neither permitted nor denied by best guess record for domain of realbasic-nug-bounces@lists.realsoftware.com) smtp.mail=realbasic-nug-bounces@lists.realsoftware.com
Delivered-to: listarchive@realsoftware.com
In-reply-to: <49591C34.7000804@chrononomicon.com>
References: <C57EB496.52399%markus_winter@online.de> <C4AC60B2-15C2-40FE-B68F-015477F0FC3A@mac.com> <495913B1.8070109@chrononomicon.com> <B0141D75-8A0B-4D90-8065-72EB29C60134@mac.com> <495917FC.7080108@chrononomicon.com> <3FD6BD56-9895-423A-A31E-C2C2354B6952@mac.com> <49591C34.7000804@chrononomicon.com>
Reply-to: REALbasic NUG <realbasic-nug@lists.realsoftware.com>
Sender: realbasic-nug-bounces@lists.realsoftware.com 
Le 29 déc. 08 à 19:51 (soir), Bart Silverstrim a écrit:


Arnaud Nicolet wrote:

Le 29 déc. 08 à 19:33 (soir), Bart Silverstrim a écrit:
I was pointing out one reason why it wouldn't happen. With most VM systems you have it sandboxed to a degree...there's no reason to expose the Applications folder to a Windows VM on the Mac. Those files are useless to the virtual machine guest.
Well, there's an option to just share the entire startup disk. Many users may share it to avoid asking themselves what to share in case of multiple folders needed to be shared (sometimes humans prefer the easier way, sadly).
Haven't used Parallels, but I'd believe it. Have used VMWare, Virtalbox, and a few others. They didn't share an entire startup disk...silly option. 

I think VirtualPC had that option also. But I agree: it's silly.
If he shared and/or exposed the entire filesystem to the Windows guest, then in my opinion it's asking for problems. But the malware still would be scratching its' head at most of the filesystem peculiarities it would encounter with a shared drive, it would be limited to infecting just what it knows how to infect via (probably) cifs, the file sharing protocol. The raw filesystem would not work with the guest.
Hmm... I think the share is "converted" in FAT32 (otherwise, the guest OS wouldn't be allowed to write).
Again, haven't used it, but doubt that...if it is, it's lying to the VM. Fat32 isn't anything like HFS... 

Perhaps it is actually lying?
At the moment, I'm not able to start winXP in Parallels (the disk is corrupted and I don't have the need to reinstall it now), so I can't say the format returned in the properties of the share. 
Well, time to reinstall it, then...
The implementations I have seen normally used CIFS (windows sharing protocol) which does allow read and write permissions. 

And the resource forks appear natively or with a "._" prefix?
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>

Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Troubles with debugging, Arnaud Nicolet
Next by Date:  Re: Mac for *testing* realbasic applications, Jeremy Wood
Previous by Thread:  Re: ClamXav & REALbasic - trojans?, Bart Silverstrim
Next by Thread:  Re: ClamXav & REALbasic - trojans?, Bart Silverstrim
Indexes:  [Date] [Thread] [Top] [All Lists]