Re: Viruses



On  6 Jul, Gregory McLean banged into a keyboard:
> -> 
> -> On the whole, that doesn't happen in the Unix world.  When I get a
> -> binary, I get a collection of files in a known format (tar, RPM,
> -> etc.), and the installer (which I already have) just has to put the
> -> files in the right places.  So the only thing I'm doing as root is
> -> running a known program---something like rpm.  (rpm can do other
> -> stuff, too, like run ldconfig.  I'm not sure how careful it is about
> -> what a package can ask it to do, so there's a potential loophole, I
> -> suppose.)  I can look inside an rpm/tar/pkg before I install it; I
> 
> Yeah it will run the pre/post install scripts so this is the loophole that 
> the virus writers will exploit to get viruses and other untrusted executables
> into a system. As always the weakest link is going to be the one between the
> monitor and chair.. (i.e. the user). Granted you can look inside a package
> before installing so this will help some people.. 
> 
Everyone seems to forget that a virus needs to do more than infect 1
file...

*nix is very susceptible to Trojans but not viruses...

The difference is a virus spreads to new executables and infects new
sources... a trojan is just a program that gets in and f*cks everything
up.

A virus in unix would be tough. To infect more than 1 binary (the
installer) you would need to run your apps/progies as root. Unless you
have incorrectly set your file permissions to allow others to write to
your binaries....

However... this is where *nixes such as Be are vulnerable. They don't
(at least not as far as my default 4.5 system shows) you to log in
making all actions "root". An OS such as this (based on unix) would be
vulnerable.

The whole root/file permission is the reason people don't write viruses
for unix... it could be done but it wouldn't propagate well/fast at all.

This is also a huge problem on NT... I can't remember as to 4.0 but in
3.5(1) to log in you needed w/r access to $WINNT/system32 where all
the system binaries are stored....



-- 

the PQBON <Will Deutsch>

I still maintain the point that designing a monolithic kernel in 1991 is a
fundamental error.  Be thankful you are not my student.  You would not get a
high grade for such a design :-)
(Andrew Tanenbaum to Linus Torvalds)

http://www.slashdot.org/


