- From: "Roger Vaughn" <rvaughn pobox com>
- To: "Gnome List" <gnome-list gnome org>
- Subject: RE: Viruses
- Date: Tue, 6 Jul 1999 18:38:04 -0400
This is exactly the kind of complacency virus coders are hoping for. There
are *many* holes in any system, even in the install/run tactics you
describe, as others have already pointed out in this thread.
Virus coders typically go in for the thrill of breaking into the system - in
creating virii that can invade the toughest security. Who thought virii
would be developed that could evade virus signature checkers? But they
were. Who thought a virus could bypass the supposedly secure UNIX login?
But it did - the Morris worm exploited a little known login "bug" to get
into systems quickly and easily.
And how about the recent flood of email-based virii? Isn't it easy to
imagine that one of your users could run an unknown email attachment on your
Linux box? (Proving only that virii don't even have to be smart to invade.)
Linux is more secure than Windows, yes. But not bulletproof. Simply saying
the problem will never exist is just asking for it to happen. Expect it.
This is virgin territory, and some virus coder somewhere will get his cheap
thrills pioneering it.
> -----Original Message-----
> From: Bruce Stephens [mailto:firstname.lastname@example.org]
> Sent: Tuesday, July 06, 1999 5:47 PM
> To: email@example.com
> Subject: Re: Viruses
> Importance: Low
> firstname.lastname@example.org writes:
> > As soon, as Linux (BSD etc.) will become mainstream we are
> > probably facing a load of viruses (trojans, worms etc.).
> I don't think so. They'll get more common, but Unixoid systems are
> always going to be safer than Windows 9x systems, simply because of
> file protections and file ownerships.
> > These will start to proliferate the same way they do in WinMac world
> > for the simple reason that all installing in unix have to be done as
> > superuser.
> This is unlikely. When I install a Windows application, I typically
> run a self-extracting executable (or what I presume is one). That
> allows a trojan or a virus a really convenient way in (since I'm
> voluntarily executing an arbitrary executable).
> On the whole, that doesn't happen in the Unix world. When I get a
> binary, I get a collection of files in a known format (tar, RPM,
> etc.), and the installer (which I already have) just has to put the
> files in the right places. So the only thing I'm doing as root is
> running a known program---something like rpm. (rpm can do other
> stuff, too, like run ldconfig. I'm not sure how careful it is about
> what a package can ask it to do, so there's a potential loophole, I
> suppose.) I can look inside an rpm/tar/pkg before I install it; I
> can't (necessarily) look inside an executable.
> So this is *quite* different to what typically happens in the Windows
> world. And long may it stay so.
> The next time someone suggests writing an InstallShield-like program
> for your favourite Unixoid system to allow people to package things up
> as executables, hit them.
> FAQ: Frequently-Asked Questions at http://www.gnome.org/gnomefaq
> To unsubscribe: mail email@example.com with
> "unsubscribe" as the Subject.
] [Thread Prev