James Knott wrote:
Michael Letourneau wrote:
I think people are confusing virus with Trojan. From my old PC support days, most of the virii that were in the wild were tied to Office documents, or existed on boot sectors of floppies and hard drives. Nothing to "execute" there. I think it would be pretty easy for a virus to exist on linux systems. There is no requirement that it destroy the system, no requirement that it has root privileges, nor any requirement that it affects more than one person. All it takes is OpenOffice to have a hole that can be utilized, or Thunderbird, or Kmail or any application that most desktop linux users would use. That would allow the user to be infected, and to attempt to affect others. Sounds like a virus to me. But yes it would be restricted to the privileges that that user has. But nothing stops a linux desktop user from launching a bunch of process' that would make it as much of a zombie machine as a desktop windows box.
A boot sector virus is executed every time the computer is booted. Any OS can be vulnerable to a boot sector virus during booting, because the OS is not running at that time. The only protection is what's provided with the BIOS. On the other hand computers running protected operating systems, such as Linux or OS/2 cannot be infected when running, as they have mechanisms to prevent it. DOS and DOS based versions of Windows (3.1, 95, 98 etc) do not have such protection and can be infected whenever the virus is run.
Yes true, not typically what is thought of executing though, and not really what my point was. My point was that everyone was talking about having to have the file be "executable" and executed in order to get infected. That is not true. If you actually have to execute it, thats a trojan, not really a virus. But again, in either of those cases not being root does not necessarily prevent your machine from being infected and/or the possible results thereof. Everyone remembers Melissa, http://www.cert.org/advisories/CA-1999-04.html, if that were designed for a Linux system, not being root would not stop/prevent it at all. Michael -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org