[linux-elitists] Comprehensive list of Linux malware

Andrew Kohlsmith akohlsmith-le@benshaw.com
Fri Nov 19 13:26:32 PST 2004

On November 19, 2004 04:15 pm, Rick Bradley wrote:
> This makes it kind of hard to, say, save a file that you might actually
> want to be able to actually do something with though, doesn't it?

Not necessarily; the two users could share the same group and the filesystem 
permissions allow you to pull data back and forth.  This of course opens up a 
hole where you can copy the executable to your regular user and wreak havoc 
on your data.

Alternatively you could use the same sudo interface to a file manager which 
would allow you to copy files back and forth; the file manager may even
include malware scanners such that the act of copying a file over forces a 
scan -- this would at least minimize the impact of malware scanners eating up 
your resources for the 99% that there is nothing bad waiting in that tarball 
or RPM.

It's certainly an idea-in-progress but the gist of it is separating the bulk 
of the access to the Big Bad Innernet to a sandboxed and throw-away user 
account.  No system is perfect but the one proposed here certainly hits the 
80/20 rule, and with minimal effort.
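
The scan-on-copy handoff described in the message above, as an added example that is not part of the original post: a hypothetical `handoff` shell function, assuming a scanner command that exits 0 for a clean file (clamscan does) and illustrative paths. It also drops execute bits on the copied file, which narrows the copy-the-executable hole the message mentions.

```shell
# Added example, not from the original post. Hypothetical helper, run as the
# regular user, that pulls one file out of the sandbox account's drop directory.
# Assumption: SCANNER is any command that exits 0 for a clean file.
SCANNER="${SCANNER:-clamscan --no-summary}"

handoff() {
    src=$1
    destdir=$2
    # Accept only a plain file: no symlinks, devices or directories.
    if [ -L "$src" ] || [ ! -f "$src" ]; then
        echo "handoff: refusing non-regular file: $src" >&2
        return 2
    fi
    dest="$destdir/$(basename -- "$src")"
    if [ ! -d "$destdir" ] || [ -e "$dest" ]; then
        echo "handoff: bad destination: $dest" >&2
        return 2
    fi
    # Scan a private copy, so the sandbox user cannot swap the file
    # between the scan and the final move.
    tmp=$(mktemp "$destdir/.handoff.XXXXXX") || return 2
    if ! cp -- "$src" "$tmp"; then
        rm -f -- "$tmp"
        return 2
    fi
    # Owner read/write only: no execute bit survives the handoff.
    chmod 0600 "$tmp"
    # The scanner runs only here, at copy time.
    if ! $SCANNER "$tmp" >/dev/null 2>&1; then
        rm -f -- "$tmp"
        echo "handoff: scanner rejected $src" >&2
        return 1
    fi
    mv -- "$tmp" "$dest"
}
```

Exit status 0 means the file was scanned and copied, 1 means the scanner rejected it, and 2 means the source or destination was refused before any scan.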


