No. Its a trojan. If the superuser doesn't run a binary containing it then
it cannot affect more than the binaries a user has created of their own.
Having the superuser run random user installed binaries could do far
worse.
> its own remover, if you execute a binary with some weird option in the GNU
> long option style, and in that if creates a log of its activities.
Thats actually a bug - its meant to exec the 'log' copy.
> Actually, I fail to understand the need of people to relabel a virus as a
> trojan.
Because there are specific distinctions in security between a program
which actively operates and seeks to attack system resources or applications
to infect things and a trap that sits waiting for someone dumb enough to
run it.
McAffee are also wrong in that its the first unix virus for other reasons,
such as the fact if you class it as a virus then people have demoed other
similar tools. Those kind of latent trojans are big business in the
military security/information warfare world, and thus I'd also suspect soon
in the realms of sabotage and the less legal side of things.
Once you've got the BLISS source reversed BTW you can port it to just
about any OS I can think of including stuff like NT and VMS in a matter of
of minutes
Followups to linux-security and or bugtraq