Hi Dale and everyone else, This isn't what I would typically call Malware, it could be repurposed into injecting into a html stream that has a shell script in it, or it could be snuck into a package, possibly if the maintainer is distracted which would make it inline with the Malware name, but it is no more malware than me sending you a zip containing a shell script you really need that has the old rm -rf /* at the bottom, then telling you to chmod +x it and run it. Personally I think the guy should realease it to at least a few Linux and Boinc dev's as he may have stumbled upon a vulnerability if it can as he says persist via cron. I am all for responsible disclosure. -- Regards Morgan Storey IT Security Specialist. <div class="gmail_quote">On Wed, Dec 2, 2009 at 10:23 AM, Dale <<a href="mailto:quail.linux@gmail.com">quail.linux@gmail.com</a>> wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Hi All, I found this to bit of an interesting read: <a href="http://ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware" target="_blank">http://ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware</a> Regards Dale -- [WWW] <a href="http://quail.southernvaleslug.org/" target="_blank">http://quail.southernvaleslug.org/</a> "The significant problems we face cannot be solved at the same level of thinking we were at when we created them" - Albert Einstein -- ubuntu-au mailing list <a href="mailto:ubuntu-au@lists.ubuntu.com">ubuntu-au@lists.ubuntu.com</a> <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-au" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-au</a> </blockquote></div>