View previous topic :: View next topic |
Author |
Message |
vdboor Guru
Joined: 03 Dec 2003 Posts: 592 Location: The Netherlands
|
Posted: Mon Jan 05, 2004 2:16 pm Post subject: an option for viruses? |
|
|
Hi,
As far as I know, viruses have very little playground on a linux system. Mostly because of the user separation, executable permissions, and diversity of software.
but there was one thing I was wondering about: can a virus, running with my user privileges, gain access to an xterm where I use 'su'? I mean, I can copy-paste between programs, and the virus could paste a few commands it it likes it.
it this possible, or have I missed something here? because imho this could make the virus thread more realistic on the linux desktops. ..even though it's a lot harder to get viruses for linux. I often compare this with the old ms-dos days, where you needed to start the virus from a floppy disk you got from someone else. _________________ The best way to accelerate a windows server is by 9.81M/S²
Linux user #311670 and Yet Another Perl Programmer
[ screenies | Coding on KMess ] |
|
Back to top |
|
|
The Mountain Man l33t
Joined: 03 Sep 2003 Posts: 643
|
Posted: Mon Jan 05, 2004 3:14 pm Post subject: |
|
|
I'm thinking this isn't really a concern, but I don't know much about this sort of thing. _________________ I suck at signatures. |
|
Back to top |
|
|
hopstah Apprentice
Joined: 23 Nov 2003 Posts: 234 Location: Michigan
|
Posted: Mon Jan 05, 2004 3:26 pm Post subject: |
|
|
seems to me if it were a huge threat, it would have been done by now. it's not really a groundbreaking idea, you know? |
|
Back to top |
|
|
teknomage1 Veteran
Joined: 05 Aug 2003 Posts: 1239 Location: Los Angeles, CA
|
Posted: Mon Jan 05, 2004 4:35 pm Post subject: |
|
|
I the virus was smart enough to know you used 'su' it's smart enough to just steal your root password anyway and by then you're hosed. So it's not really worth worrying about. |
|
Back to top |
|
|
Genone Retired Dev
Joined: 14 Mar 2003 Posts: 9538 Location: beyond the rim
|
Posted: Mon Jan 05, 2004 8:06 pm Post subject: |
|
|
Well,
- the virus has to get on your system first
- it has to be executed first (remember, we don't have buggy 'I-execute-all-attachments' e-mail clients here)
- it would have to check the processlist to find an xterm/aterm/eterm/gnome-terminal/konsole/... running a root-priviledged shell it could use
- hack into the clipboard, manipulate the windowlist and paste some pre-defined strings
So while it's not impossible it would have to be fairly advanced and still need to be executed. One reason Linux is a harder target for malicious software is that each system runs different software (from console-only to full KDE), so it's hard to have a common denominator to write the software for (unlike Windows, where everyone has basically the same system).
Of course, if the virus would use the package management it could depend on the required components |
|
Back to top |
|
|
vdboor Guru
Joined: 03 Dec 2003 Posts: 592 Location: The Netherlands
|
Posted: Wed Jan 07, 2004 9:44 am Post subject: |
|
|
You guys are absolutely right about the complexity required to create such virus... and I haven't been worrying about linux viruses really much too.
If people ask something about linux viruses, I show them this article:
http://www.theregister.co.uk/content/56/33226.html It sums up pretty much everything.
However, I found this article yesterday in a simple google search: http://www.virusbtn.com/news/latest_news/granneman.xml ...and it woke me up a little.. because either we're being blinded by a little naieve "Linux is the best, and can't have viruses" advocacy, or the article is just simple FUD.
any opinions? _________________ The best way to accelerate a windows server is by 9.81M/S²
Linux user #311670 and Yet Another Perl Programmer
[ screenies | Coding on KMess ] |
|
Back to top |
|
|
Jazz Guru
Joined: 16 Nov 2003 Posts: 543 Location: Melbourne, Australia
|
Posted: Wed Jan 07, 2004 12:10 pm Post subject: |
|
|
HEHEH ! on a funny thought, i would love to see the virus get entangled in a dependency hell while trying to execute itself
That would teach it to remain out of Linux World for good
Bye,
Jassi |
|
Back to top |
|
|
nempo Guru
Joined: 16 Apr 2002 Posts: 360 Location: Linkoping, Sweden
|
Posted: Wed Jan 07, 2004 2:50 pm Post subject: |
|
|
vdboor wrote: | However, I found this article yesterday in a simple google search: http://www.virusbtn.com/news/latest_news/granneman.xml ...and it woke me up a little.. because either we're being blinded by a little naieve "Linux is the best, and can't have viruses" advocacy, or the article is just simple FUD.
any opinions? |
Hmm, this guy seem to think that it's OK to reinstall the OS everytime you catch a virus just so that the OS can be user-friendly. Most of the 'damages' the author talks about can just aswell have been caused by a windows/bsd/macosX machine. I also think the author is wrong when he's saying that you need to have unrestrictive access to the entire system for it to be hard-work-free/user-friendly, why not simply ask for a password when you'd like to touch sensitive system files and such. _________________
homeobocks wrote: | superjaded wrote: |
would Big Brother become a reality? |
Yeah . . . it would be just like the tv show. Except somebody would be watching. |
|
|
Back to top |
|
|
|