Re: Viruses

From: Gregory McLean <gregm comstar net>
To: Bruce Stephens <bruce cenderis demon co uk>
Cc: gnome-list gnome org
Subject: Re: Viruses
Date: Tue, 06 Jul 1999 18:20:58 -0400

-> 
-> On the whole, that doesn't happen in the Unix world.  When I get a
-> binary, I get a collection of files in a known format (tar, RPM,
-> etc.), and the installer (which I already have) just has to put the
-> files in the right places.  So the only thing I'm doing as root is
-> running a known program---something like rpm.  (rpm can do other
-> stuff, too, like run ldconfig.  I'm not sure how careful it is about
-> what a package can ask it to do, so there's a potential loophole, I
-> suppose.)  I can look inside an rpm/tar/pkg before I install it; I

Yeah it will run the pre/post install scripts so this is the loophole that 
the virus writers will exploit to get viruses and other untrusted executeables
into a system. As always the weakest link is going to be the one between the monitor and chair.. (Ie the user). Granted you can look inside a package
before installing so this will help some people.. 


-> can't (necessarily) look inside an executable.
-> 
-> So this is *quite* different to what typically happens in the Windows
-> world.  And long may it stay so.  
-> 
-> The next time someone suggests writing an InstallShield-like program
-> for your favourite Unixoid system to allow people to package things up
-> as executables, hit them.
-> 
-> 
-> -- 
->         FAQ: Frequently-Asked Questions at http://www.gnome.org/gnomefaq
->          To unsubscribe: mail gnome-list-request@gnome.org with 
->                        "unsubscribe" as the Subject.
->

Follow-Ups:
- Re: Viruses
  - From: PQBON

References:
- Re: Viruses
  - From: Bruce Stephens

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]