Linked by Thom Holwerda on Fri 3rd Feb 2006 22:41 UTC
Bugs & Viruses Security watchers say the Kama Sutra worm, which is programmed to overwrite files on infected Windows PCs today, will have a damaging but not catastrophic effect. The Kama Sutra worm (or Nyxem-E or Blackworm) poses as an email message offering a variety of salacious content. Subject lines used in the malicious emails include: The Best Videoclip Ever, Fw: SeX.mpg, Miss Lebanon 2006 and Fuckin Kama Sutra pics. The worm, which can also spread across network shares, only affects Windows PCs.
Thread beginning with comment 92530
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Too bad eh..
by SlackerJack on Sat 4th Feb 2006 00:20 UTC in reply to "RE: Too bad eh.."
SlackerJack
Member since:
2005-11-12

Your saying linux users are more techie people, yet you think they would make this script execuable?, thats a contradiction. Remember please that scripts dont come executable in Linux. since this is what makes Linux desktop much more secure.

Reply Parent Score: 5

RE[3]: Too bad eh..
by jaylaa on Sat 4th Feb 2006 00:35 in reply to "RE[2]: Too bad eh.."
jaylaa Member since:
2006-01-17

Remember please that scripts dont come executable in Linux

Why don't they? Is that just by convention or is there actually some safeguard which prevents it?

Reply Parent Score: 1

RE[4]: Too bad eh..
by raver31 on Sat 4th Feb 2006 00:52 in reply to "RE[3]: Too bad eh.."
raver31 Member since:
2005-07-06

yes, there are safeguards against it.

first and foremost...

all files you download are simply that, files.
you have to make them executable, then run them.
Sometimes however, you can download a binary file from a webpage with the execute bit set, but that leads to the next stage.......

Permissions.

although YOU downloaded the file and YOU set the execute bit to true, if you had a titter of wit about you, you would have already set up your partitions so that files on /home cannot run, so any downloads on there will need to be physically moved into your path so that they can run.

As you can see, malware would be ineffective against safegaurds like these. Any that did find its way into your system would sit there dead in your /home

HOWEVER

I have seen some people set up there systems so that users can run programs from their /home. This is VERY bad practice, and destroys one of the defenses Linux has over malware.

Reply Parent Score: 3

RE[4]: Too bad eh..
by Richard James on Sat 4th Feb 2006 01:24 in reply to "RE[3]: Too bad eh.."
Richard James Member since:
2005-07-07

Remember please that scripts dont come executable in Linux

Why don't they? Is that just by convention or is there actually some safeguard which prevents it?


That is due to umask. When you download a file it is created as a new file. All new files in Linux have their permission set from the umask which is by default 022 on most systems.

The permissions are umask & 077, so umask of 022 is 644 which is -rw-r--r-

if you create a file that is a script in Linux you will then have to chmod the permissions to execute before it is run.

Yes this is a security safeguard.

Reply Parent Score: 3

RE[3]: Too bad eh..
by Wrawrat on Sat 4th Feb 2006 00:46 in reply to "RE[2]: Too bad eh.."
Wrawrat Member since:
2005-06-30

If they can click an executable file, they can make the script executable by changing its permissions... Never overestimate the user when it comes to attachements. At first, the complexity of the commands (compared to point and click) might put them off, but if they want to see that Miss Lebanon, they will try to.

Call me a pessimist, but if some people are gullible enough to open an attachement from an unknown source...

Reply Parent Score: 1

RE[4]: Too bad eh..
by SlackerJack on Sat 4th Feb 2006 01:05 in reply to "RE[3]: Too bad eh.."
SlackerJack Member since:
2005-11-12

So which is it?, people have been ranting Linux is not ready for the desktop because it's not easy to install or run stuff. Now your saying a new computer user can make the script executable from his email?

Do I hear double standards here?, Yes I think so.

Reply Parent Score: 3