Mutt/GnuPG doc initial release
Thu Sep 27 07:01:02 2001
David Shaw wrote:
> While it is true that virii often try to masquerade as harmless
> attachments, nevertheless a signature is not a binary or executable
> code of any sort.
Neither is a patch on source code, but a malacious patch can intruduce
a security weakness in a program, even when it's not obvioud to the
casual observer (I don't expect anyone to send out source patches with
code that explicitly mails a secret key to the attacker, but subtle
flaws might be introduced unnoticed).
ir. J.C.A. Wevers // Physics and science fiction site:
email@example.com // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html