Paul Farber <[EMAIL PROTECTED]> writes:
> BZZT... but joe blow can't delete SYSTEM FILES, or any file the he does
> not own. Log on a a LUSER and try rm -rf /etc see what gets deleted.
> Not a darn thing. Same for /bin /sbin etc etc etc.
> My trusty vi editor can shell out, but it will only let me harm myself,
> not another user or the system proper.
You didn't read the whole thing I wrote about single-user vs. multiuser
operating systems. If you delete everything on your hard drive under
Windows, you *are* only harming yourself, since there *are* no other
users. All the files on the disk are yours if you're sitting in front of
the computer. You can do the same thing under Linux if you always log on
as root. Windows just doesn't have a user other than root.
The distinction between system files and user files is only meaningful for
a multiuser operating system where you have the possibility of a user
identity other than God.
Furthermore, remember that this particular virus only has to send mail.
It doesn't have to modify system files. It only has to modify your
personal document files. It would therefore work just fine on a Unix
system given a suitable Unix application. It is *not* Microsoft-specific
in concept; it is only Microsoft-specific in implementation. Were some
other operating system run by 90% of the computer users in the world,
you'd see these sorts of things written for that operating system.
Don't fool yourself that it can't happen to you simply by virtue of
running a different operating system. The only way it can't happen to you
is if you always *think* before running random programs on stuff you get
via untrusted channels.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
