is there a best anti-viral program for Revolution?

Alejandro Tejada capellan2000 at yahoo.com
Thu May 26 11:12:01 EDT 2005


on Wed, 25 May 2005 
Richard Gaskin wrote:

AT>> "I could open any stack by dragging and droping
AT>> over an executable file.
AT>> Verified with many standalones build with
AT>> RR and MC.
AT>> Some standalones even let me copy a jpg file in
AT>> the hard disk and open it in windows explorer."

RG> What does that mean?  By what user actions?

here is a recipe:
1- create a stack
2- put an image in the stack
2- in a preOpenStack handler or 
an openCard handler or a startup handler,
within the stack script or the card script
put a handler like this:

on preopenStack
  select img 1
  export jpeg to file "copiedpicture.jpg"
  answer "OpenCard handler says: I copied to you hard
disk a picture named copiedpicture.jpg... look for it"
end preOpenStack

on openCard
  select img 1
  export jpeg to file "copiedpicture.jpg"
  answer "OpenCard handler says: I copied to you hard
disk a picture named copiedpicture.jpg... look for it"
end openCard

on startup
  select img 1
  export jpeg to file "copiedpicture.jpg"
  answer "StartUp handler says: I copied to you hard
disk a picture named copiedpicture.jpg... look for it"
end startup

Save the stack.

4- Now, drag and drop this stack over an
executable. (Not double click on the stack)
In Windows, in many executables
downloaded from this mail list, i read the
warning: 
I copied to you hard disk a picture named
copiedpicture.jpg... look for it

Think that instead an image, you could copy
an *.exe from a custom property and being able
to run it.

AT>> Please try to reproduce this bug by yourself, 
AT>> but this time, instead of trying to copy a 
AT>> jpg file to the hard disk, try to copy an *.exe 
AT>> and run it. If my memory does not fail, this
AT>> was possible using a preOpenstack handler...

Read this message thread:

<http://lists.runrev.com/pipermail/use-revolution/2005-January/049846.html>

RG> While this is an interesting issue, I couldn't
find
RG> where in that bug report it mentions saving files 
RG> to disk while secureMode is turned on.
RG> What did I overlook?

i read the title of the message "best anti-viral
program for Revolution" and thought that the
possibility of copying a file without user 
intervention is a gate for virus-like activity.

By default, the engine does not load in "securemode".
in my understanding, "securemode" is a global property
like "selectgroupedcontrols" with the difference that
after being set to true, it could not be changed back
to false. In Dreamcard, i'm sure, it's set at startup
from the preferences stack. 

Securemode limits a lot. Look at this message
from december last year.

<http://lists.runrev.com/pipermail/use-revolution/2004-December/048611.html>

No one answer, so then i believed that i was the only
one using securemode...

This was my question then:
-----------------------------------
How many of you had used the secure mode?

When a RR player or standalone is using 
the securemode a stack could not write a text file
to disk or change the registry (all these 
restrictions are fine), but when i try to put 
text in the clipboard, to paste in another document
the clipboard is always empty!?!?!?. 

I've tried this code, and many variations 
without success:

set the clipboarddata to localVariableZXC

I'll like to be wrong about this, and that even in 
secure mode, i could put data on the clipboard to 
paste in a text editor, like Wordpad, but in my
side this is not possible or maybe i'm using the 
wrong code.

Could you test this on your side?
----------------------------------------

Will you test this on your side?
Are you able to put data in the clipboard
while secureMode is set to true?

Thanks in advance.

al

Visit my site:
http://www.geocities.com/capellan2000/


		
__________________________________ 
Yahoo! Mail Mobile 
Take Yahoo! Mail with you! Check email on your mobile phone. 
http://mobile.yahoo.com/learn/mail 


More information about the use-livecode mailing list