John Conover <[EMAIL PROTECTED]> writes:

> Hi Russ. Actually, we used to do just that. That was what /usr/local/*
> was all about. The executables (and the /usr/local directory structure,)
> were owned by other than UID GID root or bin. There was a special UID
> and GID for everything in /usr/local. (It's been too long, I can't
> remember the UID GID.)

I don't think people are quite understanding what I'm saying here.

One can install a binary or other executable on a Unix system without
being root.  One cannot modify *system* binaries (this multiuser system
thing again), but one can quite certainly modify binaries that the user
runs, if they have any of their own software installed.  Now maybe it's
now out of vogue for a Unix user to actually install software in ~/bin,
owned by them, but I certainly still do this.

Furthermore, one can create ~/bin (or ~/... or some other such thing), put
it in the user's PATH by editing their dotfiles, and stick ls, rm, and
whatnot in there and have the user execute them instead of system
binaries.  You can produce something that's very much like a "virus" this
way, provided that the user has some program (any program) in their own
directories.

There is nothing in Unix that requires that you have special privileges to
modify an executable program, in general.

Of course, such a virus, in the absence of other security holes, cannot
infect more than one user's files.  I again contend that this is precisely
the difference between a single-user and multiuser system, and regardless
of what people think of the stupidity of creating a single-user system,
this IS NOT MICROSOFT'S SOLE FAULT because IT WASN'T THEIR IDEA IN THE
FIRST PLACE and THE MACINTOSH, AND NEARLY EVERY OTHER "HOME" COMPUTER EVER
MADE, WORKS EXACTLY THE SAME WAY.

Sorry.

I will point out that the presence of programs that users want to run and
that require access to the underlying hardware means that personal
computers are often more careless about root level privileges than one
would like, that games are such programs, and that games are one of the
major uses of computers in general.  Note all the setuid root SVGAlib
programs under Linux.

Oh, and once you're creating a distinguished profile that owns the system
binaries and the system binaries can't be modified without authenticating
as that profile, you have made a multiuser system.  There is the normal
user and the privileged user, thus making two users.  Of course, without
memory protection, this is rather pointless, and with memory protection,
you end up with a real operating system.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
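
An added example, not part of the original message: a defender-side audit for the case described above, where a directory the user can write to is searched in PATH before the system directories and holds a command of the same name. The function names and the trust policy (root-owned, not group- or world-writable) are assumptions for illustration, and the demo tree is constructed.

```python
import os, stat, tempfile

def is_trusted_dir(d):
    # Assumed policy: root-owned and not group- or world-writable.
    try:
        st = os.stat(d)
    except OSError:
        return False
    return st.st_uid == 0 and not st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)

def executables(d):
    # Names of executable regular files directly inside d (empty if unreadable).
    try:
        return {n for n in os.listdir(d)
                if os.path.isfile(os.path.join(d, n))
                and os.access(os.path.join(d, n), os.X_OK)}
    except OSError:
        return set()

def find_shadowing(path_value, trusted=is_trusted_dir):
    # Report (name, winner, shadowed) where an untrusted PATH directory is
    # searched before the first trusted directory that holds the same name.
    first_untrusted, resolved, findings = {}, set(), []
    for d in (p or "." for p in path_value.split(os.pathsep)):  # "" means cwd
        names = sorted(executables(d))
        if trusted(d):
            for n in names:
                if n in first_untrusted and n not in resolved:
                    findings.append((n, first_untrusted[n], os.path.join(d, n)))
                resolved.add(n)
        else:
            for n in names:
                if n not in resolved:
                    first_untrusted.setdefault(n, os.path.join(d, n))
    return findings

def demo():
    # Constructed tree: a stand-in ~/bin and a stand-in system bin directory.
    root = tempfile.mkdtemp()
    home_bin, sys_bin = os.path.join(root, "home_bin"), os.path.join(root, "sys_bin")
    for d, names in ((home_bin, ["ls", "mytool"]), (sys_bin, ["ls", "rm"])):
        os.makedirs(d)
        for n in names:
            path = os.path.join(d, n)
            with open(path, "w") as f:
                f.write("#!/bin/sh\n")
            os.chmod(path, 0o755)
    treat_as_system = lambda d: d == sys_bin   # stands in for the ownership check
    return (home_bin, sys_bin,
            find_shadowing(home_bin + os.pathsep + sys_bin, treat_as_system),
            find_shadowing(sys_bin + os.pathsep + home_bin, treat_as_system))

if __name__ == "__main__":
    print(demo()[2:])
```

On a real account, call `find_shadowing(os.environ["PATH"])`; a private command such as `mytool` that shadows nothing is not reported, only names that also exist in a trusted directory later in the search order.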
