Chuck Mead wrote:
> Pure BS unless you're silly enough to read mail and execute unknown
> binaries which have arrived in the mail as root (which presumes the
> thing even arrives by mail)! ~sigh.... this is a case of journalistic
> sensationalism crying wolf when there ain't nuttin there but a
> Chihuahua!
Agreed, entirely. But I do wonder -- how many of us check MD5 sigs
before we run rpm -i, for example? Some, maybe even most of us (though
I'd be surprised), but not all; so there is a point at which the *nix
resistance to infection can be subverted. And don't blame rpm, the same
thing can happen with (./configure && make && make install) if you don't
review the source code yourself. The days when root probably had a
bachelor's or better in CS are gone, and growing dim, and [warning:
threadbare homily imminent] the weakest link in the security chain is
the user.
I'm not a virus/worm writer, I don't know the limitations they have to
work under, but if your code is meant to run within somebody else's
program anyhow it seems to me that it wouldn't be all that tough to put
some conditional wrapping around part of it such that we know where we
are before we run, and rewrite our headers accordingly. Bloats the
program but by modern standards a few K won't be noticed in the average
ftp download.
So while this particular announcement may or may not be BS, I think it's
a mistake to let ourselves become complacent about the idea. Unix has
no magical immunity to virus infection, the real defense has always more
social than technical, and the social forces around Unix are changing.
--
~~~Michael Jinks, IB // Technical Entity // Saecos Corporation~~~~
"We've done our best, but you're still hosed." -- W. Stearns, ISTS
Opinions expressed above are my own, and not those of my computer.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
