Ron Johnson <[EMAIL PROTECTED]> writes: > How can an email virus work on *ix?
How does it work on Windows? Either convince the user to click on a link, or exploit a bug in the MUA. When it has code running, scan the user's address book and mail archives, and send out lots of email. Include your own SMTP client to contact servers. None of this is restricted by root. It can also pop up a DDOS or SPAM server running as the user in a high-numbered port. If it wants root-level privileges (which none of the viruses out for Windows seem to need or care about) it can pop in a sniffer or some sort for the user's keystrokes to see if the user ever su's. > And a click-thru virus (or is it really a trojan?) can only do > damage to files that you have privs to touch (unless there's a bug > in Java or JavaScript). Sure. So? All the files I really care about are the ones I have privilege to touch. I don't care about the OS so much... I can install it again. I do care about the documents or code I'm working on. Or my local customizations. I have a 2GB home directory on my laptop at the moment. I care more about any of that data than anything the virus can't touch. Or, at work, I have access to modify all sorts of things that I need to in the context of my job. A virus could have a lot of fun. Sure, you can mitigate the risk. Backups, CVS repositories, secondary accounts for certain things, keeping things on several machines, can all reduce the damage a virus could do. But just saying "A virus can't hurt a user unless it's root" is incorrect. And downplaying that it can affect any file the user can touch ignores where most of the value is in the files on an average system. -- Alan Shutko <[EMAIL PROTECTED]> - I am the rocks. Data in Oz: "If I only had a pulmonary apparatus . . ." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
