On Wednesday 16 November 2005 06:43 pm, Ron Youvan wrote:
>
> I don't understand how a MS or MAC rootkit could possibly get it's
> executable attribute set to "executable" from a Joliet/mixed CD on a
> LINUX computer. (what is: "Linus"? I am guessing misspelled LINUX)
Windows does not require that the executable bit be set. Usually it goes by
the extender *.pif, .exe, .dll, .scr, .bat, .virus, etc), but it also can
determine if the file is executable by examining the first few bytes of the
file. For instance, with an .exe file, the first two characters are "mz" if
you look at it with a hexeditor.
For Linux, (and I'm guessing the same is true for Macs... I haven't tried it
with a Mac), if the executable bit is set for the file on a cd, it will
retain that bit if it is copied to another hard drive. I have done that
copying directories of shell scripts to cd for backup. They still had the
executable flag set when copied back to the hard drive.
Jeff
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:12:04 EDT