undefined | Better HN

0 pointsorangeboats7mo ago0 comments

Can't the decompressor still produce a malicious uncompressed file?

0 comments

tlb7mo ago

Any decompressor can produce a malicious file. Just feed a malicious file to the compressor.

Yes, but currently the decompressors we use (so things like zstd, zlib, 7z) come from a mostly-verifiable source -- either you downloaded it straight from the official site, or you got it from your distro repo.

However, we are talking about an arbitrary decompressor here. The decompressor WASM is sandboxed from the outside world and it can't wreak havoc on your system, true, but nothing stops it from producing a malicious uncompressed file from a known good compressed file.

mort967mo ago

The format-specific decompressor is part of the compressed file. Nothing here crosses a security boundary. Either the compressed file is trustworthy and therefore decompresses into a trustworthy file, or the compressed file is not trustworthy and therefor decompresses into a non-trustworthy file.

If the compressed file is malicious, it doesn't matter whether it's malicious because it originated from a malicious uncompressed file, or is malicious because it originated from a benign uncompressed file and the transformation into a compressed file introduces the malicious parts due to the bundled custom decompressor.

yorwba7mo ago

If the decompressor is included in the compressed file and it's malicious, the file can hardly be called known good.

tecleandor7mo ago

But also I guess the logic of the decompressor could output different files in different occasions, for example, if it detects a victim, making it difficult to verify.

1 more reply

j / k navigate · click thread line to collapse