-----BEGIN PGP SIGNED MESSAGE-----
Leonard den Ottolander wrote:
> Reading the article mentioned by Charles in the thread "follow up on that
>virus story" (http://www.datafellows.com/v-descs/lindose.shtml) this seems
>indeed to be the case.
I'm not really surprised. All bets are off if it's executed from an
insecure operating system in a dual-boot configuration, which is where
it seems the danger is here. For Linux-only installations, this looks
like a yawner; I haven't seen any evidence that this code can, when
executed on a running Linux system, infect binaries to which the
invoking user does not otherwise have write permission. Assuming
that's not the case, we've affirmed the integrity of the Unix security
model, because damage can only be done to the user's files.
Otherwise, we'd have quite a show-stopper local root exploit.
Can anyone confirm or deny these impressions?
- -d
- --
David Talkington
http://www.spotnet.org
PGP key: http://www.prairienet.org/~dtalk/dt000823.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6
iQEVAwUBOsaZ8b1ZYOtSwT+tAQGU8ggAmjtokSLTER4Jj4XNpjBvUYaeh/I3zqtn
fqVmVQAvnME5xqsz7JWQg9is9wzGETpDO3mIs1flKB8UdBEhlwyxj0pdSGO0xq6q
qpO/vbpjL/1G5yUq9ALvOoLp3K+oc3+CejECNmP6HGQYl8mHPFqDQ0/ywBeu7gi0
r6TLetzhbKBCnIcQYawrjVJobzSBnPQwFR9ZgxRtx/HDda4s8oXUBpns0QR5n2CU
L02lT4D/ZSA9rb7OoIpnhWXOfBjLArTgSQD4QV62gfft2PQrO1V6YaiQZGgfne6K
KK2CvWmg+e6IgWxnvRk8t4EIfGid6E/LfFQm6Vc9WKwbr000PSyrPg==
=msqn
-----END PGP SIGNATURE-----
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
