Re: virus on linux?

To: debian-user <Debian-User@lists.debian.org>
Subject: Re: virus on linux?
From: Nuno Magalhães <nunomagalhaes@eu.ipp.pt>
Date: Wed, 2 Dec 2009 11:04:01 +0000
Message-id: <[🔎] 6b1504c40912020304i25d509cajee44121d646dc788@mail.gmail.com>
In-reply-to: <[🔎] 20091202013305.GF32312@aurora.owens.net>
References: <[🔎] 46688cb90911302323r5b945b50we311d0624a51065@mail.gmail.com> <[🔎] 20091201081222.2be3708a@jup-linux2.SGL.GROUP> <[🔎] 20091202013305.GF32312@aurora.owens.net>

On Wed, Dec 2, 2009 at 01:33, Rob Owens <rowens@ptd.net> wrote:

> Don't forget about the *.desktop files that several desktop environments
> use to launch programs from their deskop.  They can execute files
> without the "x" permission set.  Although I think one of the major DE's
> fixed that security hole (but I can't remember which).

I think that was the proof of concept someone mentioned.

For security there's Bastille linux, which (i guess) is similar to
harden_suse - does a lot of little changes to harden your system. I
didn't really like it, but it might be worth a try. Using an IDS
wouldn't be a bad idea also, tutorials abound.

I think it's worth repeating that even without privilege escalation, a
compromised user account could do a lot of damage - spambot for one.

-- 
()  ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\  ascii ribbon campaign - against html e-mail

Reply to:

References:
- virus on linux?
  - From: abdelkader belahcene <abelahcene@gmail.com>
- Re: virus on linux?
  - From: Avi Greenbury <avismailinglistaccount@googlemail.com>
- Re: virus on linux?
  - From: Rob Owens <rowens@ptd.net>

Prev by Date: Re: NetBeans in contrib
Next by Date: Re: Wrong Keymap used in X session
Previous by thread: Re: virus on linux?
Next by thread: Re: installing experimental supertux: libopenal0a missing
Index(es):
- Date
- Thread