Pheww...
-
Just been clearing out my local Temp directory, and came across a file named ply03d.tmp, which displayed with an icon. That means it's probably an executable. Opening it up in various tools confirms this (no, I didn't run it to see what it did). It has an icon embedded, and an XML manifest. No resource string, no dialogs, no version information. It is not digitally signed. The XML manifest, when extracted, contains no identifying information, other than the string 'wubi'. So, it's a completely unidentified executable that looks like it's "hiding" in the Temp directory. You are probably thinking virus. So was I. Thankfully I was wrong. Turn's out it's part of Ubuntu, specifically a Windows installer (http://wubi-installer.org/[^]). I did have an Ubuntu CD in the drive, since I burnt the ISO for use in another machine, and then, out of curiousity, played with it briefly. What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea? The least they could have done is include a version resource, so I knew what it was. Mark Shuttleworth used to own Thwate, so surely he can afford a code-signing certificate, to digitally sign the executable. :mad:
Electron Shepherd wrote:
What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea?
You've clearly never used unix before :)
¡El diablo está en mis pantalones! ¡Mire, mire! SELECT * FROM User WHERE Clue > 0 0 rows returned Save an Orange - Use the VCF! Personal 3D projects Just Say No to Web 2 Point Blow
-
Just been clearing out my local Temp directory, and came across a file named ply03d.tmp, which displayed with an icon. That means it's probably an executable. Opening it up in various tools confirms this (no, I didn't run it to see what it did). It has an icon embedded, and an XML manifest. No resource string, no dialogs, no version information. It is not digitally signed. The XML manifest, when extracted, contains no identifying information, other than the string 'wubi'. So, it's a completely unidentified executable that looks like it's "hiding" in the Temp directory. You are probably thinking virus. So was I. Thankfully I was wrong. Turn's out it's part of Ubuntu, specifically a Windows installer (http://wubi-installer.org/[^]). I did have an Ubuntu CD in the drive, since I burnt the ISO for use in another machine, and then, out of curiousity, played with it briefly. What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea? The least they could have done is include a version resource, so I knew what it was. Mark Shuttleworth used to own Thwate, so surely he can afford a code-signing certificate, to digitally sign the executable. :mad:
Electron Shepherd wrote:
What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea?
Is it the first time you have ever found those kind of files in your temp directory? It is a very common to have temporary executables during installation. Windows Installer also creates such files. My only complaint is that these files should be deleted automatically by the tool or the utility creating the files. The name does not matter.
-
Electron Shepherd wrote:
What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea?
Is it the first time you have ever found those kind of files in your temp directory? It is a very common to have temporary executables during installation. Windows Installer also creates such files. My only complaint is that these files should be deleted automatically by the tool or the utility creating the files. The name does not matter.
If it's an executable, then: a) it should have a .exe extension b) it should have a name related to its purpose c) it should include version information d) it should be signed (this is sort of optional), but we digitally sign all of our executables for our products.
-
If it's an executable, then: a) it should have a .exe extension b) it should have a name related to its purpose c) it should include version information d) it should be signed (this is sort of optional), but we digitally sign all of our executables for our products.
Not if it is a temporary executable, used only for installation only. I would agree with you if it was not a temporary file. Again, I will also agree with you of you say that the file should have been deleted once the job was done. But as far as the name is concerned I do not see any issue.
-
Not if it is a temporary executable, used only for installation only. I would agree with you if it was not a temporary file. Again, I will also agree with you of you say that the file should have been deleted once the job was done. But as far as the name is concerned I do not see any issue.
The executable cen technically be any name. But why not give it a .exe filename? There is a benefit (it's obvious it's an executable), and no disdvantage. So why not do something that has an advantage but no disadvantage?
-
Just been clearing out my local Temp directory, and came across a file named ply03d.tmp, which displayed with an icon. That means it's probably an executable. Opening it up in various tools confirms this (no, I didn't run it to see what it did). It has an icon embedded, and an XML manifest. No resource string, no dialogs, no version information. It is not digitally signed. The XML manifest, when extracted, contains no identifying information, other than the string 'wubi'. So, it's a completely unidentified executable that looks like it's "hiding" in the Temp directory. You are probably thinking virus. So was I. Thankfully I was wrong. Turn's out it's part of Ubuntu, specifically a Windows installer (http://wubi-installer.org/[^]). I did have an Ubuntu CD in the drive, since I burnt the ISO for use in another machine, and then, out of curiousity, played with it briefly. What kind of idiot thinks that leaving unsigned, unidentified, mis-named executables on a system is a good idea? The least they could have done is include a version resource, so I knew what it was. Mark Shuttleworth used to own Thwate, so surely he can afford a code-signing certificate, to digitally sign the executable. :mad:
I just ran wubi on my machine, I do get an exe extension. Are you sure you are not hiding the extensions? http://www.codeproject.com/script/Membership/Uploads/15383/Capture.PNG[^]
-
The executable cen technically be any name. But why not give it a .exe filename? There is a benefit (it's obvious it's an executable), and no disdvantage. So why not do something that has an advantage but no disadvantage?
Electron Shepherd wrote:
But why not give it a .exe filename?
There might be many reasons. One obvious reason may be all the file names are generated using a common method (which may call GetTempFileName) which automatically fixes the extension.
-
I just ran wubi on my machine, I do get an exe extension. Are you sure you are not hiding the extensions? http://www.codeproject.com/script/Membership/Uploads/15383/Capture.PNG[^]
But... ... that's my whole point. Why try to mask things? We've all recieved emails with attachements of 'Notes.txt.vbs', to try to trick people into thinking it's a text file, when in fact it's a malicious script. Why would anyone think that giving an exectuable "two" extensions was a good idea. The filename alone makes it look like a virus file, never mind the missing or incomplete resources.
-
Electron Shepherd wrote:
But why not give it a .exe filename?
There might be many reasons. One obvious reason may be all the file names are generated using a common method (which may call GetTempFileName) which automatically fixes the extension.
I would like to think that someone with enough talent to write progams that enable Linux to run on top of Windows can do some simple "replace the last three characters of this string variable" programming.
-
I would like to think that someone with enough talent to write progams that enable Linux to run on top of Windows can do some simple "replace the last three characters of this string variable" programming.
Sure! But in the grand scheme of thing it is a very trivial issue having zero or no impact to anyone. To me the bigger issue is that the application does not delete the files.
-
Sure! But in the grand scheme of thing it is a very trivial issue having zero or no impact to anyone. To me the bigger issue is that the application does not delete the files.
Well, getting an application to reliably delete itself is a bit tricky.
-
Well, getting an application to reliably delete itself is a bit tricky.
Not really, installers do it all the time. Actually, they use MoveFileEx with MOVEFILE_DELAY_UNTIL_REBOOT flag. May be that;s what wubi also uses and you may not have rebooted yet.
-
Not really, installers do it all the time. Actually, they use MoveFileEx with MOVEFILE_DELAY_UNTIL_REBOOT flag. May be that;s what wubi also uses and you may not have rebooted yet.
I'm aware of the function, but, as you say (and the flag name is a bit of a giveaway :)) that does require a reboot. I had rebooted since, so they clearly aren't using that.
