X-no-Archive:yes Tom Emerson wrote: > The root problem, however, is the plethora of things windows considers to > be "executable", and by "clicking" on a file with a particular file > extension [a bozo implimentation {sic} if ever I saw one (*)] causes the windows > GUI to attempt to load & execute something of questionable origin. You seem to be confusing three concepts, what is in fact executable, what is associated with an executable, and what is an OS-executable script. Winword.exe is an executable. .DOC is associated with Winword.exe. .doc's association with Word runs a program I have already installed. This is very different from running some .com or .com whatever binary someone attaches to an email. The fearless among you might want to look at http://216-118-15-3.pdq.net/emailgag/EXE's/Greeting.exe as something which looks and acts as dangerous as it could be, but is not actually dangerous. Tom refers to things listed as in file associations as executable. Running assoc|find /c "." tells me that I have 465 associations, so I won't be reviewing them, although if you are worried about these accumulating, feel free to keep track of them. But a cursory examination shows me that WinZip associated files are considered executable. That is because ZIPs allow for a file to be ran after it is unzipped (or whatever form of compression is used). This is closer to the idea of a Word document having an embedded macro, to allowing a data file to also contain something which can be ran. And opening a Word document or Zip file is still a very different thing from running a text file that is also an OS-executable script (like a VBS) or running an attached executable. .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH are all values of PATHEXT on my workstation, and they are treated as executables, and do not require me to install or have anything outside of Windows, even though some of them are just scripts. I guess one could remove .VBS, et al, from that list, if one is concerned. I'm not, because I take other steps to prevent these problems, such as using Windows Update and Office Update to stay updated, using an AV scanner, and not opening attachments such that they can be executed. It is more involved to associated .vbs with an editor, while preserving the ability to run it when desired, but it is one solution. I don't for instance expect to see any viruses written in perl. perl.exe is an executable. .pl is the standard extension associated with a perl script. And I use this as an example, because perl scripts are something that can run. So, if one has .pl associated such that the default is to run them, then double-clicking on someone's attached. pl is a bad idea. However, it would require that one have a perl interpreter installed, and have .pl associated such that it is ran when opened, instead of simply opened in a text editor. But a perl virus would require the victim to have perl installed and so associated. Now if Windows users would learn to use protocol links, instead of emailing attachments, maybe we would appreciate Windows's ability to open documents by association somewhat more. Greg Stigers http://www.cgiusa.com * To join/leave the list, search archives, change list settings, * * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *