Even more, from the discussion I've seen (including by some folks who have
found the source code), this only affects BINARIES that are writable. So,
if you store binaries in your home directory, or in /home, or in /, for
which you have write permission (why anyone would make a binary writable,
I don't know), it can affect it. If you give the binary r-x permission
only, virus stopped. Scripts don't appear to be affected.
Lessons:
1. Don't run untrusted binaries (it's delivered through e-mail, or
programs you download off the web). Especially, don't double-click on
executables that are mailed to you.
2. Don't do things are root, but as yourself
3. Don't make binaries writable unless you can come up with a very good
reason.
4. Don't mount your linux partitions into Windows.
5. Don't mount Windows partitions directly into your home directory.
6. Run all services in chroot'd jails or as a user name, NOT as root.
Basically, the same precautions you should be taking any way.
jeff
ps: one final lesson: Don't run Windows ;-)
-----------------------------------------------------------------------
Jeffry Smith Technical Sales Consultant Mission Critical Linux
[EMAIL PROTECTED] phone:603.930.9739 fax:978.446.9470
-----------------------------------------------------------------------
Thought for today: creep v.
To advance, grow, or multiply inexorably. In
hackish usage this verb has overtones of menace and silliness,
evoking the creeping horrors of low-budget monster movies.
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
