James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers.
Assuming you're running as a mere mortal and not root, how does it start a root shell?
If the web admin didn't make sure to set up a user account for the web server, then it's most likely running as root, and so all child processes would also be root.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org