Hi Shawn,
> >The worst thing a 'macro virus', for example, could do is remove your own
> >files..
>
> Or any files you have "write" access to.
>
> Which doesn't seem like a problem if you protect ALL system binaries against
> writing without being root, but then you have to remember:
>
> 1) If you don't get them ALL, you're vulnerable, and it's a pain to get them
> ALL.
>
> 2) Your dot files are vulnerable, and they could be manipulated to make you
> run something when you're root.
>
> Think about this scenario:
>
> Virus runs. You're not root. It adds an alias to your shell settings
> files, making "ls" run an infected program that, if you're not root, just
> runs the regular "ls" with your chosen parameters.
>
> Then you su to root, and run ls again. Boom, Mr. Virus wakes up and infects
> stuff.
>
ehmm... do you still use the "su" command without the
trailing minus?
(like in "su -")... then find the man page for su!
> Maybe it infects /bin/sh...
>
> Unix viruses take more thought and coding skill than Dos ones, but they're
> quite possible. Considering the robust virtual memory and multitasking on
> Unix systems, you can make them quite large and complex and still have them
> work without arousing suspicion.
>
well, with un*x we've better defenses than poor dos!
hope this helps
ciao fede
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
> To unsubscribe: mail [EMAIL PROTECTED] with
> "unsubscribe" as the Subject.
--
Semper Voster
--------------------------------------------
| |
| [EMAIL PROTECTED] |
| |
| Via W. Tobagi, 21 |
| 20143 Milano - Italy |
| |
| Phone: +39/2/89.12.65.76 |
| |
| Member of the Linux Community :-) |
| Microsoft's just a rebooting Infinity... |
| |
--------------------------------------------
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.