cross-platform virus
Sasha Tsykin
stsykin at gmail.com
Sun Apr 9 03:01:20 BST 2006
Daniel Robitaille wrote:
> On 4/8/06, Shawn McMahon <smcmahon at eiv.com> wrote:
>> On Sat, Apr 08, 2006 at 10:57:37AM +0800, Senectus . said:
>>> 6. su root
>>> 7. make install
>> If we're going to install viruses, let's do it the "right" way:
>>
>> sudo make install
>
> I always wondered about the potential of a problem with sudo in the
> context of a linux virus/worm script. Let's say that "virus" had the
> line "sudo rm -Rf /", and that script/virus was run automatically
> because of an action of the user in an application with a bug/security
> weakness (by reading an email, clicking a link in firefox, whatever).
> Obviously it wouldn't work (sudo needs to ask for a password), unless
> the user had done a sudo command within the last 15 minutes, and the
> sudo command still has a token not to ask for a new password.
>
> Wouldn't making Ubuntu's sudo asking for a password every single time
> instead of the current once-per-15-minutes make the OS more secure
> and immune to this type of simple script with a damaging payload? But
> of course that would be annoying while using sudo in our day-to-day
> usage, but for an increased security I would consider doing it (and
> actually do on one of my system)
>
>
>
> --
> Daniel Robitaille
>
It's not that simple, the sudo command has to be run int eh same
terminal session as the previous command, and the gksudo function does
not get counted.
Sasha
More information about the sounder
mailing list