create a boot-able disk from an iso file

Nils Kassube kassube at gmx.net
Wed Jan 12 17:19:42 UTC 2011


Brian wrote:
> On Tue 11 Jan 2011 at 23:42:49 +0100, Nils Kassube wrote:
> > I think root access isn't necessary at all for doing serious
> > damage. For a "normal user" like me, the most valuable data are
> > stored in my home directory and malware running with my privileges
> > can delete all those files.
> 
> You can achieve the same effect with rm. Which is why users who value
> their data take every precaution to safeguard it. The system has
> limited responsibilty to protect you from yourself.

Right, with rm I can do the same damage, but then it is my own 
stupidity. However if some malware exploits a vulnerability of my 
system, I'm not so sure I can easily prevent major damage. After all, I 
wouldn't intentionally install malware on my system. 

> > That would probably be the greatest damage that could be done to my
> > system.
> 
> There is no damage to the system, only to the data which are in your
> home directory and which you are responsible for.

Well, my definition of "system" would include my own data. Of course 
your definition as "the OS with installed applications" sure makes sense 
as well. But I wouldn't care too much about damage to that type of 
system because it can be easily restored from the install CD.

> > Furthermore, as a normal user the malware can start applications
> > e.g. to join a botnet and send spam mails. That would also be a
> > major damage, this time for the network, not for my machine. And
> > again root access isn't necessary.
> 
> I can envisage how malware in $HOME could send email but how does it
> get the machine to join a botnet?

I think there is an IRC client installed on a default Ubuntu system. 
OTOH, malware used to join botnets and send spam might as well use its 
own binary to achieve that goal.


Nils




More information about the ubuntu-users mailing list