
Re: Linux Virus



On Fri, Mar 30, 2001 at 05:54:25PM -0800, Karsten M. Self wrote:
> on Wed, Mar 28, 2001 at 10:53:33PM -0500, William T Wilson (fluffy@snurgle.org) wrote:
> > On Thu, 29 Mar 2001, Mark Devin wrote:
> > 
> > > Surely this virus cannot overwrite executables that require root
> > > permission? Or can it?
> > 
> > Like every so-called Linux virus, it requires the user to behave stupidly
> > - it's really a trojan horse.  
> 
> No, it's not a trojan, it's a virus.
> 
> A trojan, classic definition, is a program that tricks you into running
> it, which allows it to run its majick, and generally transfer, in whole,
> to another system.  The confidence game needs to be played each time the
> program is run.
> 
> A virus actively infects other files.  The confidence game needs to be
> played once.  Afterward, you're running what should be good files, which
> have been modified in place.  Systems such as md5sums should pick these
> out (you'd need a pretty sophisticated virus to catch that), but the
> roster of infected files on your system could change on a variable
> basis.

though one could argue that the virus was delivered by a trojan...

> > It has the same permission rules as any other program, so it can't
> > change root-owned files, unless they are world-writable or you are
> > running as root.
> 
> The hard step is going from user-level executable to system-level
> executable.  You'd need a user-owned binary which a root-owned process
> might run to make this transition.

cat <<EOF >> ~/.bashrc
alias su='su -c ~/.virus'
EOF

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
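
An added example, not part of the message above: a check a defender could run over a user's bash startup files for aliases or shell functions that shadow commands used to gain root, such as the `su` alias shown in the reply. The watch list, the list of startup files and the sample input are assumptions constructed for illustration.

```python
import re
import shlex
from pathlib import Path

# Assumed watch list: commands a user types a password into or gains root with.
SENSITIVE = {"su", "sudo", "doas", "ssh", "passwd"}
# Assumed set of per-user startup files that bash may read.
RC_FILES = (".bashrc", ".bash_profile", ".bash_login", ".profile", ".bash_aliases")
# Matches "name() ..." and "function name ..." at the start of a line.
FUNC_RE = re.compile(r"^\s*(?:function\s+([\w.-]+)|([\w.-]+)\s*\(\s*\))")
# Constructed sample startup file, not taken from the thread.
SAMPLE = """\
alias ll='ls -l'
export EDITOR=vi
alias su='su -c ~/.virus'
sudo() { /usr/bin/sudo "$@"; }
"""

def shadowed_commands(text):
    """Return (line_no, kind, name) for each alias or function hiding a watched command."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quote, e.g. part of a multi-line string
            tokens = line.split()
        if "alias" in tokens:
            for word in tokens[tokens.index("alias") + 1:]:
                name, eq, _ = word.partition("=")  # each name=value word is one alias
                if eq and name in SENSITIVE:
                    findings.append((no, "alias", name))
        m = FUNC_RE.match(line)
        if m and (m.group(1) or m.group(2)) in SENSITIVE:
            findings.append((no, "function", m.group(1) or m.group(2)))
    return findings

def scan_home(home):
    """Scan one home directory; returns {path: findings} for files with hits."""
    report = {}
    for rc in RC_FILES:
        path = Path(home) / rc
        if path.is_file():
            hits = shadowed_commands(path.read_text(errors="replace"))
            if hits:
                report[str(path)] = hits
    return report

if __name__ == "__main__":
    for path, hits in scan_home(Path.home()).items():
        print(path, hits)
```

Typing the full path, `/bin/su`, bypasses an alias or function named `su`. The scan does not cover PATH changes or files sourced from these startup files.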
