[SATLUG] Scarry stuff...How to write a linux virus in 5 easy steps

Charles Hogan cd_satl at futuretechsolutions.com
Thu Feb 19 15:08:40 CST 2009


One problem, IMHO, that I see with this approach is that it "trains" the 
newbies to type sudo before anything else that they do in the command 
line without knowing/understanding why.  Another problem is that someone 
targeting *buntu systems, and those with a similar initial 
configuration, will just insert "sudo " to the beginning of the relevant 
commands in their script to give themselves root privileges.

While I do agree that there are some very useful things that can be done 
with sudo, I am of the opinion that a newbie should first learn enough 
that he/she goes looking for visudo to enable those things, rather than 
giving them root privilege straight from their user account up-front. 
You never look for things you don't know you need.

James Tiner wrote:
> I used to be a drake/driva parter for the longest time. it was my fave
> distro until the shakeup in leadership. I switched to kubuntu.
> 
> on *buntu, the first user is added as a sudoer automatically and you
> usually use sudo to do admin stuff. If it makes you feel at home, you
> can do 'sudo su -' and then passwd to set the root password and then
> remove your username from sudo using visudo. there are some pretty good
> reasons to use sudo such as allowing specific commands for specific
> users and additional logging for those commands. some consider it more
> secure. just a thought
> 
> 
> 
> On Thu, 2009-02-19 at 12:02 -0600, John D Choate wrote:
>> On Thursday 19 February 2009 11:33:08 James Tiner wrote:
>>>  responsibility and accountability
>>> away from the user? These trojans are not using an open hole in the code
>>> to get through, they are using social engineering to get through. Of
>>> course, this is a hypothetical and not 'in the wild' thing so I don't
>>> think that it is a big problem now, but the old saying is if it is not
>>> expected and not from someone you know, then delete it. That truly fixes
>>> this problem. Practice safe computing. 
>> Yes, that whole article didn't really bring up anything new. I'm surprised that the author even took the time to write such a long-winded 'paper'.
>>
>> On a related note... I recently installed Ubuntu (I.I.) on a couple of machines and found something really quirky.
>> Being a 'drake/'driva user, I am accustomed to assigning a root password as well as the user account(s) and their password(s) during installation.
>> During the Ubuntu installation, I was only asked for a single password for the primary user, and none to be defined for root. Then the single user password is used not only for logging in the user, but for system administration and software installation, etc. as well.
>> What the hell? That seems pretty screwed up to me. That gives rise to the possibility that ubuntu would be easier to exploit than other linux systems, with only the user password to be compromised.
>>
>>
>> John C.
>>
>>
>> p.s. Scarry stuff indeed...
>>
>> Scar´ry
>> a. 1.	Bearing scars or marks of wounds.
>>     1.	Like a scar, or rocky eminence; containing scars.
>>
>> Webster's Revised Unabridged Dictionary, published 1913 by C. & G. Merriam Co.
> 


More information about the SATLUG mailing list