No subject
Dave Temkin
dave at ordinaryworld.com
Wed Jan 28 19:47:04 UTC 2004
On Wednesday 28 January 2004 08:37, Dave Temkin wrote:
>> So? Had the virii been an application compiled for RedHat and
>> everyone ran RedHat instead of Windows and they downloaded it using
>> Evolution and double clicked on it, it would suddenly be RH's fault
>> instead of MIcrosoft's?
>If RedHat, by default had you running as root rather than an unprivledged
>user, it sure would be.
>
>Most Windows boxes are running with administrative privledges. That
>makes
>Windows a willing accomplice. The issue isn't that people click on
>attachments, but that there are no built in safeguards from what happens
>next.
>
>--
>Robin Lynn Frank | Director of Operations | Paradigm-Omega, LLC Cry
>havoc,
>and let slip the dogs of war! Email acceptance policy:
>http://paradigm-omega.com/email_policy.php
You're the second person to say that and it's still wrong. The virii,
once resident, opens a connection to port 25 on an open SMTP server,
whether it be the user's ISP relay or local server. Sure, it can't
install itself into /etc/init.d, but it sure can launch itself bg instead
of fg and be running until the user either kills it or reboots the box.
Also, for reference to other people - the preview pane does *not* allow
the execution of attachments unless they're double-clicked on and
acknowledged. Again - we're not talking about another OS or Outlook
exploit, only a stupid user exploit.
--
David Temkin
More information about the NANOG
mailing list