create a boot-able disk from an iso file
Nils Kassube
kassube at gmx.net
Wed Jan 12 17:19:42 UTC 2011
Brian wrote:
> On Tue 11 Jan 2011 at 23:42:49 +0100, Nils Kassube wrote:
> > I think root access isn't necessary at all for doing serious
> > damage. For a "normal user" like me, the most valuable data are
> > stored in my home directory and malware running with my privileges
> > can delete all those files.
>
> You can achieve the same effect with rm. Which is why users who value
> their data take every precaution to safeguard it. The system has
> limited responsibilty to protect you from yourself.
Right, with rm I can do the same damage, but then it is my own
stupidity. However if some malware exploits a vulnerability of my
system, I'm not so sure I can easily prevent major damage. After all, I
wouldn't intentionally install malware on my system.
> > That would probably be the greatest damage that could be done to my
> > system.
>
> There is no damage to the system, only to the data which are in your
> home directory and which you are responsible for.
Well, my definition of "system" would include my own data. Of course
your definition as "the OS with installed applications" sure makes sense
as well. But I wouldn't care too much about damage to that type of
system because it can be easily restored from the install CD.
> > Furthermore, as a normal user the malware can start applications
> > e.g. to join a botnet and send spam mails. That would also be a
> > major damage, this time for the network, not for my machine. And
> > again root access isn't necessary.
>
> I can envisage how malware in $HOME could send email but how does it
> get the machine to join a botnet?
I think there is an IRC client installed on a default Ubuntu system.
OTOH, malware used to join botnets and send spam might as well use its
own binary to achieve that goal.
Nils
More information about the ubuntu-users
mailing list