cross-platform virus
Daniel Robitaille
robitaille at gmail.com
Sat Apr 8 16:44:29 BST 2006
On 4/8/06, Shawn McMahon <smcmahon at eiv.com> wrote:
> On Sat, Apr 08, 2006 at 10:57:37AM +0800, Senectus . said:
> >
> > 6. su root
> > 7. make install
>
> If we're going to install viruses, let's do it the "right" way:
>
> sudo make install
I always wondered about the potential of a problem with sudo in the
context of a linux virus/worm script. Let's say that "virus" had the
line "sudo rm -Rf /", and that script/virus was run automatically
because of an action of the user in an application with a bug/security
weakness (by reading an email, clicking a link in firefox, whatever).
Obviously it wouldn't work (sudo needs to ask for a password), unless
the user had done a sudo command within the last 15 minutes, and the
sudo command still has a token not to ask for a new password.
Wouldn't making Ubuntu's sudo asking for a password every single time
instead of the current once-per-15-minutes make the OS more secure
and immune to this type of simple script with a damaging payload? But
of course that would be annoying while using sudo in our day-to-day
usage, but for an increased security I would consider doing it (and
actually do on one of my system)
--
Daniel Robitaille
More information about the sounder
mailing list