E-mail altered in Ubuntu

Discussion in 'all things UNIX' started by Shankle, Mar 31, 2009.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Isn't this potentially dangerous if the attachment is malicious?

    creating a Linux Virus
     
  2. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    I would suggest you uninstall/remove "xpdf" and stick with the default Evince. You might also try using Evolution for your e-mail needs under Ubuntu. In my opinion Thunderbird is a buggy piece (Linux version suffers more errors than the Windows version actually). Evolution however is nice (KMail is recommended by me for KDE users).
     
  3. Shankle

    Shankle Registered Member

    Joined:
    May 2, 2006
    Posts:
    515
    Thanks for replying.
    I will remove xpdf.

    The reason I don't use Evolution is that they haven't fixed a problem that needs fixing
    now for the past 6 months. The problem is that items in the trash CAN'T be deleted.
    This is unacceptable. To the best of my knowledge I am not using KDE. I am using the other one.
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Not really.

    You are referring (based on your link) to a well-known "vulnerability" which allows .desktop "launcher" files to be executed without the x bit being set. This means a kiddie could hide some malicious code inside a .desktop file but change its extension to anything (like .pdf or even .mp3). As a result, the user sees his potential .pdf and he clicks it and it executes some shell script that tampers with the /home directory. What this attack essentially does is bypass one step of getting a script to run (it negates the need for the "chmod a+x" command).

    Remember UNIX doesn't recognize file extensions -- that's a Windows thing -- so one can change the extension at will. Extensions in UNIX are only there for humans to see what a file probably is, not what it really is. Normally this is not a problem because even if the file is malicious it won't have executable privileges. And even if one gives it executable privileges, it will only run with the group and user permissions allowed in the DAC.

    The problem with this attack, as even the author of the article admits, is that the malware would only compromise the /home directory and would not give the malware access to anything important. So, basically, it comes down to this question: What good is the attack? This is the question I am sure the KDE and Gnome developers have asked themselves, and is likely the reason they have intentionally *not* fixed this "vulnerability." About the only thing the malware could do is resend itself to other people listed in the e-mail client address book. But what good would that be? It would essentially be an "annoyance" type of malware.

    About the only thing I can think of that it could be used for is to send spam or to delete files (pictures, mp3's, documents) in the /home directory. Sure, it's not fun having files deleted, but it would be trivial to find and exterminate the malware responsible (it would be a file in the /home directory in plain sight) and the Linux hackers would quickly discover what is going on and would have it nipped by sunrise.
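
An added example, not part of chronomatic's post or the linked article: a check for the disguise described above, run over a directory of saved attachments. It classifies files by content rather than by name, flagging anything that parses as a Desktop Entry launcher with an `Exec` key but carries another extension or has no x bit; the function names are hypothetical.

```python
import os
import sys

HEADER = b"[Desktop Entry]"  # group header that opens every launcher file

def is_launcher(path, limit=65536):
    """True if the file's content is a Desktop Entry that has an Exec key."""
    try:
        with open(path, "rb") as fh:
            data = fh.read(limit)
    except OSError:
        return False
    seen_header = in_entry = False
    for raw in data.splitlines():
        line = raw.strip()
        if not line or line.startswith(b"#"):
            continue  # blank lines and comments may precede the header
        if line.startswith(b"["):
            if not seen_header and line != HEADER:
                return False  # some other INI-style file
            seen_header, in_entry = True, line == HEADER
            continue
        if not seen_header:
            return False  # real content before any header: not a launcher
        if in_entry and line.split(b"=", 1)[0].strip() == b"Exec":
            return True
    return False

def find_suspect_launchers(root):
    """Return sorted (path, reasons) for launchers that do not look like one."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            if not is_launcher(path):
                continue
            reasons = []
            if not name.endswith(".desktop"):
                reasons.append("misleading-extension")  # e.g. .pdf or .mp3
            if not os.stat(path).st_mode & 0o111:
                reasons.append("no-x-bit")  # would not run as a plain script
            if reasons:
                hits.append((path, reasons))
    return sorted(hits)

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, reasons in find_suspect_launchers(root):
        print(path, ",".join(reasons))
```
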
     
  5. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    You're using GNOME, that's right. This problem with the trash seems to be Ubuntu specific to me. Some users report that removing the "folders.db" file from "./evolution/mail/local" fixes the problem. Make sure you have Evolution closed while removing this file.
     
    Last edited: Apr 12, 2009