[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: mail trojans in linux
- To: "Linux-IL mailing list" <linux-il(at-nospam)linux.org.il>
- Subject: RE: mail trojans in linux
- From: "Tzahi Fadida" <muaddib(at-nospam)mailandnews.com>
- Date: Sun, 9 Sep 2001 14:53:14 +0200
- Delivered-To: linux.org.il-linux-il@linux.org.il
- Importance: Normal
- In-Reply-To: <Pine.GSO.3.95-heb-2.07.1010909134129.14260B-100000@csd>
- Reply-To: <muaddib(at-nospam)mailandnews.com>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
I don't think that stupid is relevant here in relation to the client side.
I think stupid does apply when u run user applications on root accounts or with root setuid.
Fact is - linux warns u not to run root apps when u load X.
who cares if one user data is got erased, when the other users don't.
However, i think that a preventive approach should be considered if there are important materials in
a particular user directory which are not periodically backuped. you could, in essense run some email checker for your users before they get it into their clients because no matter what u'll do, your users will always fall for Social Engineering atacks.
* - * - *
Tzahi Fadida
Tzahi@mailandnews.com
Fax (+1 Outside the US) 240-597-3213
* - * - * - * - * - *
-----Original Message-----
From: linux-il-bounce@cs.huji.ac.il [mailto:linux-il-bounce@cs.huji.ac.il]On Behalf Of Tzafrir Cohen
Sent: Sunday, September 09, 2001 12:55 PM
To: Ely Levy
Cc: Linux-IL mailing list
Subject: Re: mail trojans in linux
On Sun, 9 Sep 2001, Ely Levy wrote:
> sure download a vbs interperter for linux and use the magic key option of
> the kernel to execute it.
>
> then you'll have your own opensource linux mail torjan;)
I don't need no VBS script for that: bourne shell is good enough...
It's really no big deal to write a small perl/bash/whatever script that,
upon execution opens big holes in the system (depending on the priviliges
on the user executing the script, and on the circumstances).
The issue with VBS scripts is that mail clients easily execute scripts
from messages they recieve. I hope no mail client in the linux areana will
be as stupidly-designed as that, now that this lesson has been learned the
hard way by outlook and alike (if it ever needed learning).
(And the same mail clients easily execulte any other windows executable:
PE and other binarie can cause the same ammount of damage)
--
Tzafrir Cohen
mailto:tzafrir@technion.ac.il
http://www.technion.ac.il/~tzafrir
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il