[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unix and email viruses

On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
> On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> > On 3/2/08, Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
> Anyway, that's the whole point of an exploit -- providing some
> _thing_, data or code, that causes a privilege escalation. It doesn't
> have to be a helper running as root, just a helper that can be
> exploited in some manner to get a root escalation. At least that's
> what I understand. 

Do the standard virus checkers (is it ClamAV?) find such problems before
an exploit in mutt/helper is found or fixed?

I never read email from X, always from a VT (or a vt520).  If something
comes in from someone I don't know and it contains an image, I delete
it; if it contains html, I read it myself and if I'm really curious I'll
open it with lynx when disconnected from the internet (I'm on dialup).
Any other attachements from people I don't know get deleted too.  If I
get an unknown attachement from someone I do know, I'll send them a note
saying "what is this?".

I never read mail as root, it all gets redirected to me, dtutty.  OTOH,
dtutty is in lots of groups: ssh, adm, staff so something nasty could do
some harm.  Note that for surfing the net with javascript or flash, I
use the user dtbrowser which is in no special groups and has nothing
secret in /home/dtbrowser.


Reply to: