Well, to respond to the subject first: No, Swen is definately not slowing down here... And my attempt to install amavis/clamav was a bit of a failure, so I'm seeing a lot of crap...
On Thursday 02 October 2003 06:17, ScruLoose wrote: > Most non-MS users are not likely to be logged in as root when they > check the mail, so whether some virus auto-executes or entices them > to click on it, the damage is generally going to be pretty well > contained. > > It's going to take a _hell_ of a lot of social engineering to > convince me to su, provide my root password, install and run some > program that showed up in my inbox. No matter how pretty a message > it's packaged in. Even assuming that the user getting the infected > mail _has_ the root password. Well, a virus like Swen wouldn't need root access to spread. I don't know what Swen does to a Windows machine (and I don't care, I haven't got any), but just to annoy people with enormous amounts of e-mail, someone could imageinebly write a perl script with its own SMTP-engine. If a non-priviliged user was fooled into executing the perl script, it could still spread to any platform with Perl installed. Indeed, it is unlikely that such a virus would make any significant impact on the system, unless of course, it was then able to exploit a local vulnerability to gain root (or gid 'games', I love those upgrades! :-) ). However, most users have their most important documents in their home dir anyway, so a virus deleting those would do real damage anyway, and it would do real damage to Linux' reputation as being more secure. Scenario: A perl script deleting all the files in the homedir of infected users, spreading to all the contacts that is in user's addressbooks. This would likely include all the homedirs of all the users in an organization: PHB: Sysadmin, what's happening? Sysadmin: A simple virus. It didn't damage the system, we're running as normal. PHB: What do you mean, didn't damage the system, it deleted all my files!?! The PHB is not going to care a lot for the integrity of the system once his files are all gone, his perception of damage is going to be very different from yours. >Besides, everything about MS seems designed to actively encourage >clueless behaviour. I agree, and this is the major point that we have to ensure as MS marketshare starts dropping and we start taking over the desktop, Linux users are more clued. A company starting migration to Linux must realize that for their own security, they have to train their employees better than they did with MS systems. Anyway, I think the main technical strength lies in that a lot of seemingly unimportant fixes are given attention, so that there will not exist many possibilities to execute code unless the user knows about it. Cheers, Kjetil -- Kjetil Kjernsmo Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
