FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-16-2009, 10:49 PM
Dennis Wicks
 
Default security (malware) issues in Linux bases OSes

Dave Ewart wrote the following on 02/16/2009 10:42 AM:

On Monday, 16.02.2009 at 16:37 +0000, Avi Greenbury wrote:


Ron Johnson wrote:

I don't believe it. Show us!


In the interests of satisfying my curiosity:

vm-linux2:/# rm -rf /
rm: cannot remove root directory `/'
vm-linux2:/#


That's rather annoying. If I want to shoot myself in the foot, it
should let me. It's a bug that it doesn't :-)

Dave.



Especially since it will happily process /bin !! At least it
used to, and I still have the scars!

Did you try /* ??

I don't have a test system to play with, and advancing age
has caused me to suppress my curiosity about such things.

Dennis


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-16-2009, 11:11 PM
Paul E Condon
 
Default security (malware) issues in Linux bases OSes

On 2009-02-16_10:29:02, Ron Johnson wrote:
> On 02/16/2009 08:26 AM, Paul E Condon wrote:
>> On 2009-02-15_17:26:23, Boyd Stephen Smith Jr. wrote:
>>> On Sunday 15 February 2009 15:48:37 Ron Johnson wrote:
>>>> [W]hat's to stop Joe Wannabe from doing this?
>>>>
>>>> $ sudo dpkg -i NakedBrittany.deb
>>> What's to stop Joe Wannabe from doing this?
>>> sudo rm -rf The Great American Novell / Movie
>>
>> Joe Wannabe needs to learn more in order to do him self real harm.
>> Shouldn't it be:
>>
>> sudo rm -rf "The Great American Novell"
>
> That's the whole point. People coming from a gooey environment don't
> think (about such things).
>
>> ? ;-)
>> And, without testing it, I'm pretty sure that
>>
>> sudo rm -rf /
>>
>> is trapped and subject to special handling. At least, it should be,
>> IMHO.
>
> I don't believe it. Show us!

Ron, why don't you try to command and see for yourself? Its easy
enough to do it. I just don't have the time. Cough. Cough.

And to any newbies reading this. Please let Ron do the testing.

--
Paul E Condon
pecondon@mesanetworks.net


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-16-2009, 11:48 PM
Ron Johnson
 
Default security (malware) issues in Linux bases OSes

On 02/16/2009 06:11 PM, Paul E Condon wrote:

On 2009-02-16_10:29:02, Ron Johnson wrote:

On 02/16/2009 08:26 AM, Paul E Condon wrote:

On 2009-02-15_17:26:23, Boyd Stephen Smith Jr. wrote:

On Sunday 15 February 2009 15:48:37 Ron Johnson wrote:

[W]hat's to stop Joe Wannabe from doing this?

$ sudo dpkg -i NakedBrittany.deb

What's to stop Joe Wannabe from doing this?
sudo rm -rf The Great American Novell / Movie

Joe Wannabe needs to learn more in order to do him self real harm.
Shouldn't it be:

sudo rm -rf "The Great American Novell"
That's the whole point. People coming from a gooey environment don't
think (about such things).



? ;-)
And, without testing it, I'm pretty sure that

sudo rm -rf /


is trapped and subject to special handling. At least, it should be,
IMHO.

I don't believe it. Show us!


Ron, why don't you try to command and see for yourself? Its easy
enough to do it. I just don't have the time. Cough. Cough.


Boyd(?) asserted the statement, Boyd gets to try it out...


And to any newbies reading this. Please let Ron do the testing.




--
Ron Johnson, Jr.
Jefferson LA USA

Supporting World Peace Through Nuclear Pacification


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-16-2009, 11:54 PM
Dotan Cohen
 
Default security (malware) issues in Linux bases OSes

>>>> sudo rm -rf /
>>>> is trapped and subject to special handling. At least, it should be,
>>>> IMHO.
>>>
>>> I don't believe it. Show us!
>>
>> Ron, why don't you try to command and see for yourself? Its easy
>> enough to do it. I just don't have the time. Cough. Cough.
>
> Boyd(?) asserted the statement, Boyd gets to try it out...
>

I just tried it, and everything seems just fi[NO CARRIER]


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-16-2009, 11:55 PM
JoeHill
 
Default security (malware) issues in Linux bases OSes

H.S. wrote:

> Hello,
>
> In the last some weeks I recall reading in one of the mailing lists that
> it is just a matter of popularity that we are not seeing bad intentioned
> debs or rpms on the internet. If Debian/Ubuntu/Fedora were to become
> sufficiently popular, the claim is that it would be just as easy and
> popular to infect these OSes by making a user install something like
> NakedBrittany.deb as is now the case with Windows users.
>
> I realize that a clueless user is always going to be weakest link in the
> fence against malware infection.

Yes and no. Yes Linux can and certainly will be compromised through the social
engineering approach. No one is totally immune to that.

No, popularity has very little to do with it. Windows is compromised a lot
because it is trivial to do so. Linux could have twice the market share as
Windows, and it would still be less prone to invasion, simply because it is
more difficult to do so. This has been demonstrated time and time again in both
real world and simulated 'contests'. Hands down, Linux is a hundred times more
difficult to crack.

This article is the best explanation I have ever seen for the security 'layman'.

http://www.securityfocus.com/columnists/188

--
J


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-17-2009, 12:12 AM
Celejar
 
Default security (malware) issues in Linux bases OSes

On Mon, 16 Feb 2009 16:05:27 -0600
Ron Johnson <ron.l.johnson@cox.net> wrote:

> On 02/16/2009 03:55 PM, H.S. wrote:
> > Ron Johnson wrote:
> >
> >> Sure. The keylogger would have to add itself to the "autostart folder",
> >> but that's no mean feat.
> >>
> >
> > I am sorry, what is an auto start folder in relation to Debian or Ubuntu?
>
> The same people who would install NakedBrittany.deb are the same
> ones who log in thru gdm, probably without even a password.

I'm deeply offended I'd never install NakedBrittany.deb, I don't
use *dm, but I most certainly do have Autostart folders:

$HOME/.config/autostart
/etc/xdg/autostart

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-17-2009, 12:26 AM
Ron Johnson
 
Default security (malware) issues in Linux bases OSes

On 02/16/2009 06:55 PM, JoeHill wrote:
[snip]


No, popularity has very little to do with it. Windows is compromised a lot
because it is trivial to do so. Linux could have twice the market share as
Windows, and it would still be less prone to invasion, simply because it is
more difficult to do so. This has been demonstrated time and time again in both
real world and simulated 'contests'. Hands down, Linux is a hundred times more
difficult to crack.


Except that misconfigured Apache, MySQL, SSH, etc, etc, etc daemons
can (and do! leave Linux servers wide open to attack.


Thus: know what you're doing before bringing your computer to Mos
Eisley.


--
Ron Johnson, Jr.
Jefferson LA USA

Supporting World Peace Through Nuclear Pacification


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-22-2009, 08:44 AM
Emanoil Kotsev
 
Default security (malware) issues in Linux bases OSes

H.S. wrote:

> Hello,
>
> In the last some weeks I recall reading in one of the mailing lists that
> it is just a matter of popularity that we are not seeing bad intentioned
> debs or rpms on the internet. If Debian/Ubuntu/Fedora were to become
> sufficiently popular, the claim is that it would be just as easy and
> popular to infect these OSes by making a user install something like
> NakedBrittany.deb as is now the case with Windows users.

IF you are as stupid as a M$ user and _don't_ read the prompts but just
click "next" and type your admin pw you could install anything - that's
true for sure.

>
> I realize that a clueless user is always going to be weakest link in the
> fence against malware infection.
>
> Just wanted to throw this question out here to see what opinions various
> people have. What if such malicious deb or rpm is made available? How
> bad it would be for the same user as compared to similar malware in
> Windows case? Let us assume that the user has sudo access in Linux and
> has admin privileges in Windows.
>
>

Consider the _main_ difference that the first registered windows user
becomes automatically administrator. I'm not sure if it changed with second
etc. Also if you create a normal user it is practically impossible to work
with that user (manage system ressources).

So to me there is a very _big_ difference between the common linux OS's I
know so far and windows.

I think the main danger is in not using kind of firewall and week passwords,
so that someone from outside can crack your accounts and obtain root access
on your machine and even this is not that easy as in windows. And this is
not because windows is that popular, but because the concept is different

regards


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-22-2009, 08:49 AM
Emanoil Kotsev
 
Default security (malware) issues in Linux bases OSes

Ron Johnson wrote:


>>> Hooking file-roller into gksu and dpkg wouldn't be that hard.
>>>
>>> In fact, I wouldn't be surprised if that weren't already the case.
>>>
>>
>> I think Ubuntu does it.
>
> Why am I *not* surprised?

me neither :x

tried kubuntu for about 3 months :x - never ever

regards


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 05:27 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org