Linked by Thom Holwerda on Wed 5th Apr 2006 17:37 UTC, submitted by Mark
Linux "In GNU/Linux, file access is restricted. Users don't necessarily have the same rights when it comes to deleting, executing or even reading files. In fact, every file contain data such as its owner, its permissions and other information which defines exactly what can be done with it, and by whom."
Thread beginning with comment 112189
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: a recommended read
by Soulbender on Thu 6th Apr 2006 09:36 UTC in reply to "RE[2]: a recommended read"
Soulbender
Member since:
2005-08-18

"as the article plainly shows, there is the file permission "defenses" that it has to get around first."

It's not a defense again spyware or viruses. Please try to understand the issues at hand. While file system permissions is a perfectly working defense against users modifying or accessing files they have no business with, it does not provide a defense against spyware or certain kind of viruses.
You see, not all malware is designed to screw up your box, it would be counter-productive for them. What they want is just to be able to run an application, any application, as an unprivilieged user, ie as you. They just sit unnoticed in the background, relaying huge amounts of spam or participating in botnets. Wrecking your box by screwing with system files would only draw unnecessary attention to their existance.

Edited 2006-04-06 09:37

Reply Parent Score: 1

RE[4]: a recommended read
by jaboua on Thu 6th Apr 2006 13:38 in reply to "RE[3]: a recommended read"
jaboua Member since:
2005-09-08

Well... A virus is something that infects the system and screws it up...

But malware may have a hard time as well, if it's left without executable permissions.

Reply Parent Score: 1

RE[5]: a recommended read
by Morin on Thu 6th Apr 2006 19:30 in reply to "RE[4]: a recommended read"
Morin Member since:
2005-12-31

> But malware may have a hard time as well, if it's left without executable permissions.

Specially forged data files do not have executable permissions but execute code anyway through buffer overflow attacks.

Not all scripting interpreters require the script to have executable permissions. The script could also be embedded in a datafile.

Social engineering attacks don't have a hard time in making the user set executable permissions.

... and so on. You can of course pretend the problem doesn't exist. But you could also understand the cause of these problems, why file permissions alone *don't* handle them, and find a better solution. This doesn't mean file permissions are useless - in fact they'd probably play an important role in a proper solution. But they are not a solution to everything if taken alone.

On a side note, many "computer specialists" avoid responsibility for social engineering attacks altogether, probably with excuses such as "people shouldn't be so stupid", or "we can't solve this problem anyway", or "we aren't the right people to solve this problem", or whatever. Saying that file permissions solve the malware problem tends to lead in the same direction.

Reply Parent Score: 1

RE[5]: a recommended read
by Soulbender on Fri 7th Apr 2006 02:54 in reply to "RE[4]: a recommended read"
Soulbender Member since:
2005-08-18

"A virus is something that infects the system and screws it up..."
No, a virus is something that infects a system and uses it to spread further. Damaging the infected system is not always a goal.

"But malware may have a hard time as well, if it's left without executable permissions."
Not really, since the owner of a file always can change its permissions and a file can still be run even if it doesnt have the execute permission (ie "/bin/sh somescript").

Reply Parent Score: 1