OT: Linux Malware is possible? if it is :(
Richard Heck
rgheck at comcast.net
Wed Dec 2 16:04:58 UTC 2009
On 12/02/2009 10:09 AM, Dave Ihnat wrote:
>
> Secondly, once you (as the bad guy) get a user to run something for you,
> you can start poking at the system itself. In this case, you're looking
> for a flaw in the system security itself--either misconfiguration, or
> an actual hole in some program or service that a normal user can run
> or use.
>
>
As has been pointed out, however, serious damage can be done even if the
cracker never gets root privileges. One could install new extensions to
Firefox, for example, that would give the cracker access to passwords.
Or install programs into the user's home directory, run them from
.bash_profile, or whatever, and send spam around the world just using
"mail", the messages themselves being downloaded via wget. Etc, etc. All
very dangerous.
Richard
More information about the fedora-list
mailing list