Jeff Tickle [EMAIL PROTECTED] wrote:
>
> And if Linux were ever sold pre-installed on computers in a store, this
> could be a first-boot kind of thing. Nothing functionally changes; just
> the wording, and if the user doesn't know they can log in as the
> "configuration" (root) user, they won't. It's about wording, and how
> that affects people's ideas.
>
> Just a thought *shrug*

It's -soooo- much easier than this. Apple has solved this problem in OS X. It's so simple, it's brilliant.

On first boot, a user is asked to create an account for themselves. This is usually their name, and they get an option for a nickname. Then, they -always- log in as this user. Root is not enabled (OS X is UNIX under the covers, remember) and this regular user is obviously limited in what they can do. If they want to break out of that, they either use sudo from the command line, or a pop-up screen comes up where they must enter their password. (Yes, there are still social engineering things that can be done here, but it's irrelevant, see below.)

Now, all that said, keep in mind that a virus really doesn't need to be root to spread. It can do all that just fine as your user. Maybe add a little magic to your .bashrc, .profile, .cshrc, .login, etc just for fun. It can still read your address book, it can still send mail as you (for propagation), it can still be used as a zombie to DDoS SCO. And with its addition of itself into your startup scripts, it won't go away. Now, it's not difficult to get rid of the little beasty, and it can't leave behind a rootkit, but it never needed root access at any point along the way.

Windows is a target rich environment, nothing more, nothing less. The virus that I just described is pretty much how they work on Windows, with the exception of adding themselves to the system startup. A virus like this would also work on Solaris, AIX, FreeBSD, and even, OMG, OpenBSD (and any other multiuser operating system). Hell, it could even work on an SELinux system. All it takes is an email that says 'hey, run this attached script'.

Mike
--
"If life hands you lemons, YOU BLOW THOSE LEMONS TO BITS WITH YOUR LASER CANNONS!" -- Brak
GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
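
The message above notes that changes to a user's own startup scripts need no root access. As an added example (not part of the original post), this is one way to detect such changes by hashing the startup files the post names and comparing against an earlier baseline; the function names and the throwaway home directory in `demo()` are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Per-user startup files named in the post; extend for other shells as needed.
STARTUP_FILES = (".bashrc", ".profile", ".cshrc", ".login")


def snapshot(home):
    """Return {filename: sha256 hex digest} for each startup file that exists."""
    digests = {}
    for name in STARTUP_FILES:
        path = Path(home) / name
        if path.is_file():
            digests[name] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def diff_snapshots(baseline, current):
    """Compare two snapshots and return sorted (filename, status) pairs."""
    findings = []
    for name in sorted(set(baseline) | set(current)):
        if name not in baseline:
            findings.append((name, "created"))
        elif name not in current:
            findings.append((name, "removed"))
        elif baseline[name] != current[name]:
            findings.append((name, "modified"))
    return findings


def demo():
    """Constructed scenario: a throwaway home directory, no real files touched."""
    with tempfile.TemporaryDirectory() as home:
        bashrc = Path(home) / ".bashrc"
        bashrc.write_text("alias ll='ls -l'\n")
        baseline = snapshot(home)
        # Simulate an unprivileged process appending a line and creating a new file.
        with bashrc.open("a") as fh:
            fh.write("# constructed placeholder for an unexpected added line\n")
        (Path(home) / ".login").write_text("# constructed placeholder\n")
        return diff_snapshots(baseline, snapshot(home))


if __name__ == "__main__":
    for name, status in demo():
        print(f"{status:9} {name}")
```

Because the check runs with the same privileges as the account it watches, a baseline kept in that account's home directory can be rewritten by the same unprivileged process; store it somewhere the account cannot write.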
