On Thu, 2009-12-10 at 12:29 +1100, Basil Chupin wrote:
I originally posted this in offtopic but think that this would be of interest to more people than just those frequenting offtopic. *No operating system can ever properly protect a computer from trojans as long as users continue to do silly things. Just because Linux is immune to your standard drive-by viruses it does not mean that it can escape trojan horses.* The latest reminder to be vigilant comes via the users unfortunate enough http://ubuntuforums.org/showthread.php?t=1349678 to download and install a malicious screensaver from gnome-look.org http://www.gnome-look.org/content/show.php/WaterFall+Screensaver?content=116.... Although the malicious content is now removed, the code fragments left show what the trojan's potential may have been. The program inserted a bash script into |/usr/bin/| by using |wget| and then executing the script. Originally the script's contents were a ping command but this was later changed to:
Nope, only superuser can create a file in /usr/bin; so this has no impact on "careless users", only careless admins. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org