cross-platform virus
Lukas Sabota
punkrockguy318 at comcast.net
Sun Apr 9 14:41:18 BST 2006
> Fair enough, it actually is quite a worrying scenario. If, for example,
> the menu entry for synaptic were to be targeted, and changed to load a
> virus instead, then you would type the password into gksudo without
> realising you are activating a virus. This definitely needs to be fixed.
> Maybe if there is the command being run in BIG LETTERS next to the place
> where you type in your password.
Yes, but if they are hacking the desktop entry, they could also hack the
sudo command as well. They could create a "gksud" a psuedo-sudo
program. This program could say /usr/bin/synaptic, but really
run /usr/bin/VirusXXx. So I'm not sure how much emphasizing the command
name would help.
More information about the sounder
mailing list