cross-platform virus

Eric Feliksik milouny at gmx.net
Sat Apr 8 18:13:35 BST 2006


Daniel Robitaille wrote:
> On 4/8/06, Shawn McMahon <smcmahon at eiv.com> wrote:
>> On Sat, Apr 08, 2006 at 10:57:37AM +0800, Senectus . said:
>>>    6. su root
>>>    7. make install
>> If we're going to install viruses, let's do it the "right" way:
>>
>> sudo make install
> 
> I always wondered about the potential of a problem with sudo in the
> context of a Linux virus/worm script.  Let's say that "virus" had the
> line "sudo rm -Rf /", and that script/virus was run automatically
> because of an action of the user in an application with a bug/security
> weakness (by reading an email, clicking a link in Firefox, whatever).
> Obviously it wouldn't work (sudo needs to ask for a password), unless
> the user had done a sudo command within the last 15 minutes, and the
> sudo command still has a token not to ask for a new password.
> 
> Wouldn't making Ubuntu's sudo ask for a password every single time
> instead of the current once-per-15-minutes make the OS more secure
> and immune to this type of simple script with a damaging payload?  Of
> course that would be annoying while using sudo in our day-to-day
> usage, but for increased security I would consider doing it (and
> actually do on one of my systems).
> 
> 
> 
> --
> Daniel Robitaille
> 

You have a point; if you compromise a sudo-enabled user account, you can 
compromise the whole system (in practice). This has been discussed 
several times before, and the developers seem to agree on this and 
accept it.

This is because it's not difficult to make the user run the malware with 
root privileges; just make your malware replace an existing 
gksudo-enabled shortcut (modify an entry in the System menu, show an 
update-notifier icon, etcetera). This can be done with user privileges. 
If you give the program a clever name (like gdm-setup, to fake being 
gdmsetup, etcetera) no one will notice. Next time it is run, you enter 
your password (via the normal gksudo, nothing nasty), but the actual 
program that is run *is* nasty, and runs with root privileges.

Yes, it feels insecure. Sudo seems only capable of preventing mistakes, 
but it does not prevent malware targeting this issue from compromising 
your system. So the claim is "you must take care". Well, we can claim 
this as long as Ubuntu is only used by very few people, who are 
tech-savvy. As soon as GNOME/Ubuntu actually becomes "Linux for 
grandma", the shit will hit the fan, I'm afraid.
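The trojaned-shortcut trick described in the post above (a user-writable menu entry whose gksudo line now points at a look-alike binary such as gdm-setup) leaves traces that can be checked for. The audit script below is an added example, not code from this thread or from Ubuntu: it parses .desktop entries, finds the ones that route through a root-granting wrapper (gksudo, gksu, sudo, pkexec, kdesudo), and flags a root-run target that is not an absolute path under a system directory, that is writable by the unprivileged user, or a per-user entry in ~/.local/share/applications that shadows a system entry of the same name with a different Exec line. The trusted directory list, the wrapper list, the option-skipping logic and the sample entries are assumptions constructed for illustration; adjust them for your own distribution.

```python
"""Audit XDG .desktop entries for privilege-escalating shortcuts that a
user-level process could have planted or modified.  Added example, not code
from the mailing-list thread; wrapper list, trusted prefixes and the sample
entries below are constructed assumptions for illustration."""
import os
import shlex
import sys
import tempfile
from configparser import ConfigParser

# Wrappers that run the rest of the command line as root after a password prompt.
PRIV_WRAPPERS = {"gksudo", "gksu", "sudo", "pkexec", "kdesudo"}
# Wrapper options that consume the following token (assumption: common gksu/sudo flags).
OPTS_WITH_ARG = {"-u", "--user", "-m", "--message", "-D", "--description", "-p", "--prompt"}
# Where a root-run program is expected to live (assumption: typical Debian/Ubuntu layout).
TRUSTED_PREFIXES = ("/usr/bin/", "/usr/sbin/", "/bin/", "/sbin/")
SYSTEM_APP_DIR = "/usr/share/applications"
USER_APP_DIR = os.path.expanduser("~/.local/share/applications")


def parse_exec(path):
    """Return the Exec= command line of a .desktop file as a token list, or None."""
    cp = ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # keys are case-sensitive in .desktop files
    try:
        cp.read(path, encoding="utf-8")
        return shlex.split(cp.get("Desktop Entry", "Exec"))
    except Exception:  # missing file, missing section/key, unbalanced quotes
        return None


def privileged_target(tokens):
    """If the command goes through a root-granting wrapper, return the program
    it will run as root, skipping wrapper options; otherwise return None."""
    if not tokens or os.path.basename(tokens[0]) not in PRIV_WRAPPERS:
        return None
    skip_next = False
    for tok in tokens[1:]:
        if skip_next:
            skip_next = False
        elif tok in OPTS_WITH_ARG:
            skip_next = True
        elif not tok.startswith("-"):
            return tok
    return None


def audit_entry(path, system_dir=SYSTEM_APP_DIR):
    """Return a list of human-readable findings for one .desktop file."""
    findings = []
    tokens = parse_exec(path) or []
    target = privileged_target(tokens)
    if target is None:
        return findings
    if "/" not in target:
        findings.append(f"{path}: root target '{target}' is resolved via PATH, not an absolute path")
    else:
        resolved = os.path.realpath(os.path.expanduser(target))
        if not resolved.startswith(TRUSTED_PREFIXES):
            findings.append(f"{path}: root target '{resolved}' lies outside trusted directories")
        elif os.path.exists(resolved) and os.access(resolved, os.W_OK):
            # run this as the ordinary desktop user, not as root, for this check to mean anything
            findings.append(f"{path}: root target '{resolved}' is writable by this user")
    # A per-user entry with the same file name overrides the system one in the menu.
    system_copy = os.path.join(system_dir, os.path.basename(path))
    if os.path.dirname(os.path.abspath(path)) != os.path.abspath(system_dir) \
            and os.path.exists(system_copy) and parse_exec(system_copy) != tokens:
        findings.append(f"{path}: overrides {system_copy} with a different Exec line")
    return findings


def scan(app_dirs, system_dir=SYSTEM_APP_DIR):
    """Audit every .desktop file in app_dirs; returns {path: [findings]} for flagged entries."""
    report = {}
    for d in app_dirs:
        if os.path.isdir(d):
            for name in sorted(os.listdir(d)):
                if name.endswith(".desktop"):
                    path = os.path.join(d, name)
                    findings = audit_entry(path, system_dir)
                    if findings:
                        report[path] = findings
    return report


# Constructed sample entries (not real Ubuntu files): a clean system entry, a user
# entry that shadows it and points at a look-alike in $HOME, a PATH-relative
# "gdm-setup" entry as in the post, and an unprivileged editor entry.
SAMPLE_ENTRIES = {
    "system/synaptic.desktop": "gksudo /usr/sbin/synaptic",
    "user/synaptic.desktop": "gksudo {tmp}/.gdm-setup",
    "user/gdm-setup.desktop": 'gksudo -D "Login Window" gdm-setup',
    "user/editor.desktop": "gedit %U",
}


def build_sample(tmp):
    """Write SAMPLE_ENTRIES under tmp; returns (system_dir, user_dir)."""
    for rel, cmd in SAMPLE_ENTRIES.items():
        path = os.path.join(tmp, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("[Desktop Entry]\nType=Application\nName=%s\nExec=%s\n"
                     % (os.path.basename(rel)[:-len(".desktop")], cmd.format(tmp=tmp)))
    return os.path.join(tmp, "system"), os.path.join(tmp, "user")


def demo_report():
    """Build the constructed sample tree in a temp dir and audit it."""
    tmp = tempfile.mkdtemp(prefix="desktop-audit-")
    system_dir, user_dir = build_sample(tmp)
    return tmp, scan([system_dir, user_dir], system_dir)


if __name__ == "__main__":
    if len(sys.argv) > 1 and sys.argv[1] == "--demo":
        _, report = demo_report()
    else:
        report = scan([SYSTEM_APP_DIR, USER_APP_DIR])
    for path, findings in report.items():
        for line in findings:
            print(line)
```

Run it with --demo to see the constructed sample flagged, or without arguments as the ordinary desktop user to audit the real menu. Note that the sudoers change Daniel asks about (`Defaults timestamp_timeout=0`, which makes sudo prompt on every invocation) closes the cached-token case but not the shadowed-shortcut case: the user types a genuine password into a genuine gksudo prompt, so only the integrity of the Exec line and its target matters there.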
