
Is this article implying that there is the possibility of including a malicious application inside of a .rar format that would run upon uncompression? That is crazy if true. Also makes me think using 7zip might be a safer option than WinRAR if they handle the decompression differently.


Yes, but theoretically those applications wouldn't be able to do anything other than modify the data that you're uncompressing, which simply means that you have to decide whether you want to trust the data that you uncompressed.

Now of course there may be exploitable vulnerabilities here, but just as in any other piece of software.

So no, just because this runs a VM doesn't mean it's intrinsically more dangerous than anything else. Basically just any program that takes input from the outside world (a PDF reader, an MP3 player, you name it) is vulnerable to attacks.


But the fact that the VM has not seen much scrutiny by the community, together with the following snippet from the linked page:

"There are several known bugs in the RarVM.

[redacted as some have security consequences]"

makes it seem quite likely that there are some ugly vulnerabilities.

