On Fri, 5 Feb 1999, Mitchell Gil Maltenfort wrote:
> Something else to be wary of is that installed programs may be trojans
>or
> destructive. There was a contaminated version of tcp-wrappers for a while,
> I believe. One of the advantages of source code over a package installation
> is that with the source code, you can read the program to be certain what
> you're getting (assuming it's not a long and murky program :^>). When you
There is the option to check with pgp or use a checksum to be sure
your source is the real one. Just in case there is a big program.
> install a binary, you take the risk that there may be something nasty in the
> binary. The safest option is to stick with source code and plain text,
> where there's no way to hide a virus.
> Things I'm not sure of - anybody? - are whether a GIF or JPG or XPM can
> contain a virus, and whether Java applets could be destructive to a Linux box.
GIF/JPG or any immage can contain a virus. Any file can contain a
virus. But this is not relevant. The important part is that you _have_
to run it in some way in order to 'wake' the virus. So pictures are safe,
because they are read of editend, but never run. Vulnerable are only
executables - in dos/win .exe .com .dll .prg...
Java applets can be as dangerous as a macro virus... but in Linux
we have permissions. If you surf as root - my oppinion - you deserve it.
root is there to use only on several ocasions. And never for common
tasks like surfing.
Raider
--
``Liberate tu-temet ex inferis''
