James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the
definition of a virus. If so, there have been Linux viruses in the wild.
I still have a copy of a loader script and the IRC bot[0] that was
installed by it, grabbed from an infected server just over 2 years
ago[1].
IIRC, the method of infection for that particular worm was to insert
shell commands[2] into a URL passed to a web server running an
exploitable version of PHP. The commands were executed by a root shell
and was used to download the loader script, set its mode to 744 and then
execute that. The script in question downloaded 2 files, one was the IRC
bot, the other was used to search out and try to infect other web
servers.
Assuming you're running as a mere mortal and not root, how does it start
a root shell?
If the web admin didn't make sure to set up a user account for the
web server, then it's most likely running as root, and so all
child processes would also be root.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
