[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unix and email viruses

On Sun, Mar 02, 2008 at 08:16:16PM -0500, Douglas A. Tutty wrote:
> On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote:
> > On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> > > On 3/2/08, Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
> > Anyway, that's the whole point of an exploit -- providing some
> > _thing_, data or code, that causes a privilege escalation. It doesn't
> > have to be a helper running as root, just a helper that can be
> > exploited in some manner to get a root escalation. At least that's
> > what I understand. 
> Do the standard virus checkers (is it ClamAV?) find such problems before
> an exploit in mutt/helper is found or fixed?

don't know.

> I never read email from X, always from a VT (or a vt520).  If something
> comes in from someone I don't know and it contains an image, I delete
> it; if it contains html, I read it myself and if I'm really curious I'll
> open it with lynx when disconnected from the internet (I'm on dialup).
> Any other attachements from people I don't know get deleted too.  If I
> get an unknown attachement from someone I do know, I'll send them a note
> saying "what is this?".
> I never read mail as root, it all gets redirected to me, dtutty.  OTOH,
> dtutty is in lots of groups: ssh, adm, staff so something nasty could do
> some harm.  Note that for surfing the net with javascript or flash, I
> use the user dtbrowser which is in no special groups and has nothing
> secret in /home/dtbrowser.

based on the above, I think you've not a thing to worry about.

But I'm no expert at all. All my previous statements are hearsay at


Attachment: signature.asc
Description: Digital signature

Reply to: