On Tue, 2002-06-04 at 19:36, J Sloan wrote:
> Complacency is never a good idea - however,
> let's give credit where credit is due - it's orders
> of magnitude more difficult to do something like
> this against a unix system - most script kiddies
> will go for the easy targets (microsoft) instead
Each of the major viruses has probably got one author singular.
There are ways of making systems much more resistant to attack including
viruses. Things like RSBAC and the NSA security modules help you get
into a situation where this kind of stuff doesn't occur
User1 gets a virus
User1 owns a binary root users
Root gets the virus
Splat
Because with a trust model it goes instead
User1 geta a virus
User1 owns a binary root users
User1 virus patches the binary
Root is refused permission to run the binary because it no longer has
a high enough integrity
Even before that the lack of people checking GPG keys on RPM and other
packages is disturbing.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 07 2002 - 22:00:21 EST