Re: [masq] 1st virus in Linux :( (fwd)

Nathan Bryant (
Fri, 7 Feb 1997 16:42:02 -0500 (EST)

On Fri, 7 Feb 1997 wrote:

> On 7 Feb, Ingo Molnar wrote:
> >
> > On Fri, 7 Feb 1997, Chris Y. wrote:
> >
> > > Just picked this off of one my my mailing lists... you should check it
> > > out.
> >
> > > Its target is users who play games such as doom over the Internet with
> > ^^^^
> > > root access.
> > ^^^^^^^^^^^^
> > this says it all .... :)
> Doesn't doom give up root access once it has io perms to the video
> hardware, etc.? I would think this would only be a problem if run by
> root which is just simply a stupid thing to do. Isn't this a case of
> those that are causual about security get what they deserve?

I don't agree. Doom has a known bug which allows any user on your system
to get root if doom is installed setuid root. Every Linux distribution
I've ever used installs Doom setuid root, and RedHat has only recently
released a patch to correct this. (The patch doesn't fix doom, just
removes the setuid bit.)

> If I am correct, then McAfee should be clearer about the threat because
> their web page doesn't help Linux at all by suggesting that it is the
> first Unix that is suseptable to a virus and pointing out that all the
> Windoze OSes are not vulnerable to it.

I do agree that McAfee could be clearer about the threat. Their press
release leaves some important questions unanswered, such as how the Bliss
virus enters the system in the first placce. Is some FTP site distributing
infected copies of Doom?

> Ty
> --
> Tyson D Sawyer <> RWI, Inc. has been supplying leading edge
> Senior Systems Engineer mobile robotics technology since 1983
> Real World Interface, Inc.

| Nathan Bryant | Unsolicited commercial e-mail WILL be |
| | charged an $80/hr proofreading fee. |