Re: Viruses

Well, you make a good point about RPMs and such, however, what do you think
someone who wants to do harm is most likely to do, use a system that no average
idiot can use because it is too tough for them, or attack the average idiot
using the least secure OS for such things?  I think it's obvious that Windows
is easier to create viruses for, and has a much wider public who will be
infected (as of now anyway).  It just doesn't seem like it's going to happen.

PS, this is, think about that next time...

On Tue, 06 Jul 1999, Alan Shutko wrote:
> If anyone is stupid, it's you.  But maybe you just didn't reaa the
> post very well.  Here's the gist.
> * Package installations nearly always have to be done as root.
> * RPMs (and I think other packaging systems) can run scripts during
>   the installation.
> * People rarely (if ever) look at the pre and post-install scripts of
>   RPMs.
> * Malicious people could use those scripts to infect or attack a
>   system, since they're done automatically and usually, as root.
> This is a very good point, and you really should have read it before
> giving a knee-jerk response.
> Lauris, I am not sure either of your ideas would really help.  Signed
> packages won't do much good (since anyone could sign one).  It might
> make people a little bit more picky about who their packages came
> from, but then again, they might just see "this rpm is signed by
> random key, so it should be safe" and not worry about it.
> -- 
> Alan Shutko <> - Looking for a job in Long Island!
> Check for a resume.
> I'll pretend to trust you if you'll pretend to trust me.
> -- 
>         FAQ: Frequently-Asked Questions at
>          To unsubscribe: mail with 
>                        "unsubscribe" as the Subject.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]