| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.NEB.4.64.0711012208330.24196@panix5.panix.com> Date: Thu, 1 Nov 2007 22:14:50 -0400 (EDT) From: Jay Sulzberger <jays@...ix.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: mac trojan in-the-wild On Thu, 1 Nov 2007, Paul Schmehl <pauls@...allas.edu> wrote: > --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge" > <adamst.onge@...il.com> wrote: > >> So if i put a picture of a naked girl on a website and said to see more >> you must open a terminal and enter "rm -rf". >> >> >> Would we consider this a trojan...or just stupidity? >> > I would consider it stupidity to think that that is comparable to a trojan. > > Paul Schmehl (pauls@...allas.edu) I think, under the standard Unix system of permissions, this is a Trojan. Under the standard Unix system of permissions, every application running in my home directory can issue an 'rm -rf /home/me' and, without proper near in time backup, cause me much annoyance. The defect lies in the system of permissions. There exist systems of rolling off-machine backups and minimum privilege permissions systems, but they are not yet standard. oo--JS. > Senior Information Security Analyst > The University of Texas at Dallas > http://www.utdallas.edu/ir/security/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists