Re: [Fun With Perl] Paranoia.

["Bill Jones" <bill@fccj.org>]

> What is the most innocuous looking perl .sig that could do the most
> harm? Is bungy jumping fun? Can one write a perl .sig worm? A little
> innocous bitty of perl that wrote out "Just Another Perl Hacker" and
> quietly tacked itself onto your .sig file? Who are those little green
> men at the bottom of my garden?


After some thoughts I suppose one could write a .JS
perl embedded landmine. One where the MouseOver action
executed code to do stuff.

This would be most dangerous on Win32 systems where the
admin may have incorrectly set the run-time association with
perl-script to 'execute things' which are MIME encoded
to run perl upon opening...

Or, with a reader which is CSS aware, hide the embedded
URLs and if (or when) they happened to mouseover it,
BANG!

Your reader would need to like HTML in preference over TEXT,
and would want to auto-run helper apps to deal with funny
little mime data streams...

But yes, it's possible to do something nasty to someone else.
Maybe one time, then the others in the Usenet sandbox
will prolly place flags stating -

"Here lies dangerous perl trolls whom dare to create
munitions from something as sweet and kind as perl!  Beware!"

(Creating munitions with perl would be a slap in Larry's face!)

My 2 cents,
-Sneex-  :]
______________________________________________________________________
Bill Jones  Data Security Specialist  http://www.fccj.org/cgi/mail?dss

==== Want to unsubscribe from this list? (Don't you love us anymore?)
==== Well, if you insist... Send mail with body "unsubscribe" to
==== fwp-request@technofile.org