Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search

[REBOL] Re: [The Gimp] clashes with REBOL on Windows 2000

From: brian:hawley at: 9-May-2004 15:15

Hi Anton, I just ran REBOL/View from my REBOL home directory to test the default install behavior. I was able to rename rebol.exe to another file name (blah.bak) and then write out a random file downloaded from a remote web site to a file named rebol.exe . You don't have to delete the file for this exploit to work. This is a major security hole. And yes, I was on Windows XP. Keep in mind that I was running in the console though. Scripts started from the REBOL desktop are sandboxed in their folders under public, so it's not as bad as it could be. View scripts started from the desktop actually need Pro or Command features to do more than fill your hard drive; with Library support or call enabled all bets are off though. Brian Hawley At 12:18 AM 5/10/04 +1000, you wrote: