UNIX admin wrote:
so even if the virus did do a successful buffer overrun and managed to get a parent process's shell, it'd still end up causing no harm because regular user can't touch the system.
This is all very well and true. But for any system that mostly used by a single person (such as a home desktop), it's probably sufficient to get your infection into one of the user's dot files. You don't necessarily need this to be in a file called by root in order to cause damage, if the infected user is always logged in ...
Granted it's harder to make the infection undetectable in this case. But in practice it may still not be noticed.
Hugh. _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
