- From: jasta <jasta gotlinux org>
- To: gnome-list gnome org
- Subject: Re: Viruses
- Date: Tue, 6 Jul 1999 15:49:15 -0700
Well, you make a good point about RPMs and such, however, what do you think
someone who wants to do harm is most likely to do, use a system that no average
idiot can use because it is too tough for them, or attack the average idiot
using the least secure OS for such things? I think it's obvious that Windows
is easier to create viruses for, and has a much wider public who will be
infected (as of now anyway). It just doesn't seem like it's going to happen.
PS, this is firstname.lastname@example.org, think about that next time...
On Tue, 06 Jul 1999, Alan Shutko wrote:
> If anyone is stupid, it's you. But maybe you just didn't reaa the
> post very well. Here's the gist.
> * Package installations nearly always have to be done as root.
> * RPMs (and I think other packaging systems) can run scripts during
> the installation.
> * People rarely (if ever) look at the pre and post-install scripts of
> * Malicious people could use those scripts to infect or attack a
> system, since they're done automatically and usually, as root.
> This is a very good point, and you really should have read it before
> giving a knee-jerk response.
> Lauris, I am not sure either of your ideas would really help. Signed
> packages won't do much good (since anyone could sign one). It might
> make people a little bit more picky about who their packages came
> from, but then again, they might just see "this rpm is signed by
> random key, so it should be safe" and not worry about it.
> Alan Shutko <email@example.com> - Looking for a job in Long Island!
> Check http://rescomp.wustl.edu/~ats/ for a resume.
> I'll pretend to trust you if you'll pretend to trust me.
> FAQ: Frequently-Asked Questions at http://www.gnome.org/gnomefaq
> To unsubscribe: mail firstname.lastname@example.org with
> "unsubscribe" as the Subject.
] [Thread Prev