How to write a Linux virus in 5 easy steps

One could also the permissions of user applications to do anything dangerous (including accessing the net or file I/O) in a PolicyKit-like way. Then one application could be kept from accessing another applications files (or generally, files with a mime type that it is not supposed to handle), and it could be kept from overwriting any files except the one it had opened. If the applications were hardened à la Chrome so that one process handled one document, they could even be prevented from reading documents other than the one they were currently editing. Basic tools like ls or whatever could still work as expected, but the limited applications would not be allowed to run them.

Well the .desktop thing can probably be fixed in that manner, but the fundamental problem is that there is no divisions or security within a user's environment.

When you have code running and connecting to the internet and then acting/interpreting on that data, much of which is coming from anonymous sources that is essentially running with full 'root' rights to anything and everything in a user's home directory then your going to have problems.

There remains a need to have a way to divide a user account between programs that are dealing with untrusted data and then stuff that has full privileges.

As it stands right now one security flaw in Firefox or your Jabber client or anything else (like Evince reading in PDF files you just downloaded) that is going out and fetching data from the internet and your entire account is compromised. There is no need to get root as the most important stuff is running with user privileges and is in your home directory.

Well ya.

but you don't want to hang the users out to dry.

My biggest pet peeve, for example, is when people tell other people that they are stupid for double clicking on a attachment in a email that ran a program that installed a virus.

It's very irritating because double clicking is about the only way to interact with the system. And _no_shit_ attachments in email can be dangerous, but why does the system react to double click in the most dangerous manner possible?

Users are trained by the UI to double click on everything and see what happens. So it's like it's a trap... extremely bad UI design.

So probably the policy for the UI is not to do anything automatically unless it's safe.

The unfortunate problem is that programs react the same if it's safe data vs having untrusted data.

------------------

Of course you shouldn't go out of your way to protect stupid users. If they insist on doing something potentially stupid then you should let them. Just don't do it automatically for them.

Something like that.

Not only a PEBKAC.. 'rm -Rf' works because the command name is obscure, telling users to type 'delete -recurse -noconfirm' would be far less successful..

I'd argue that a sensible designer should choose meaningful name for dangerous actions.
[ Yes I know that 'cp /dev/zero /dev/hda' would work too but for this to work you need to be root ]

>Other people also like to distance themselves from Unix. Remember what GNU
>stands for? That is not just a joke name. Linux is also
>not Unix for that matter.

Dear Mike, I'm sorry but you seem to have misunderstood both why GNU is called GNU and why Linux is Linux. RMS was not "distancing" GNU from UNIX. RMS was making a free CLONE of UNIX. RMS intended GNU to be an exact functional replacement for UNIX. You might want google up the original postings to usenet from RMS about the project.

RMS named GNU "GNU" as part of his way of making clear that GNU was to be completely free of any the original UNIX intellectual property despite being a clone of UNIX. Do you suppose that its just an accident that every tool the GNU folks built had exactly the same name and function as their UNIX counterparts? (And tweaks as well. I never met a programmer yet who could resist the chance to "flavor the pot" to their own personal taste when they could get away with it. :-) )

Both the GNU and Linux efforts were created in order to give the people who loved the power and elegance of UNIX, a free version of UNIX, complete with source code to work on themselves, without having to purchase an AT&T/Bell Labs source code license.

Your idea that GNU and LINUX are not UNIX show that you missed the conversation that happened at the time of their creation. The GNU tools and Linux were made to be as much like the original UNIX as they could be in every way that matters to programmers, while maintaining total separation from any of the source code from ATT/Bell so that they would be free from licensing costs and restrictions. If all you care about is the name "UNIX" being licensed, then you were never a UNIX or Linux person anyway.

For those who say Linux is not a "UNIX" because its not perfectly identical to UNIX, I say: "Hey thanks for the belly laugh!" Linux is just as identical to UNIX as ULTRIX, HP-UX, Domain-IX, SUNOS, BSD, AIX, SCO, and all the other "legal UNIX licensees" are to each other and to the original ATT/BELL UNIX (assuming you can resolve the differences between the teeming masses of UNIX versions Bell put out itself! How many were there? 20? 30? )

Your claims that names should be longer 3 or 4 chars and that "Modern systems" have both PATH and "tab complete" are amazingly lacking. UNIX and its clones/variants have had those for more than 25 years. In fact PATH was there in the 1970's. Probably longer than you've been alive. (Personally I approve of keeping comamnd names somewhat short as long as there is a mnemonic relationship in the name. Why make people type more than they have to? (Excuse me, I meant "cat" not "type" :-) Well, OK, cat isn't the best example of a mnemonic. :-) ) ) (Note these are parenthetical side notes, not Lisp code. ( Hey, these ARE the jokes folks! ) )

As for liking Python. Thats great. New languages come out of the UNIX/Linux environments all the time. UNIX/Linux even has tools for generating new languages. You are, of course, totally familiar with Lex and yacc. :-) What I especially like about python is how well it integrates with the "standard" UNIX/Linux environment. :-) That liking python might imply anything is wrong with the UNIX/Linux tools is an interesting notion.

The GNOME desktop vulnerability is a clear example of why the UNIX design legacy is a good one, well thought through and still applicable today. That vulnerability exists because the GNOME folks are trying to make LINUX just like Windows and sadly, within the confines of their project, they are suceeding. They are even introducing the typical Windows security issues!. Happily no one has to use GNOME and therefore Linux users can remain free of this Ballmer-esque disease of corruption. (Hey guys - try throwing a chair at your design, maybe that will improve it. ) The Gnome project is an excellent example of people ignoring the UNIX design philosophy and paying the price.

"Those who do not understand UNIX will re-invent it. Poorly." Has never been more true than today.

The quality of the UNIX design philosophy is becoming more and more clear as time goes forward. Even MS is busy today adding more and more UNIX-Like features to their OS. :)

Does this mean that Linux has to stay the same? Absolutely not. New features can and are being added all the time. Lets just make sure those new features are really new, not copies of MS mistakes and that those features actually work the way they need to, including security.

[N.B.]
To those who will inevitably protest that GNU and Linux aren't "UNIX", You are technically correct but only in terms if licensing. And that is true for good reason. It was made deliberately true by the GNU and Linux founders to make sure that GNU and Linux would be FREE of the ATT/Bell licensing encumberances and costs. Unlike all the flavors of UNIX, and there were quite a few, which were all hampered and restricted by the ATT/Bell labs ownership and licensing.

By creating a clean room style clones of UNIX, GNU and Linux gave a version of UNIX to the worlds programmers that they could use in a totally unrestricted fashion. The key point being that the GNU tools and Linux system WERE UNIX CLONES. Thats WHY they are and were so popular. Legally, NOT licensed from ATT/Bell, Functionally and design-wise - as darned near identical as they could be made to be by the best efforts of their creators. (subject to the perfidies of ego, of course. :-) )

The naming of GNU was done to emphasize the free licensed nature of GNU. Otherwise it was a functional clone (plus more) of UNIX tools.

Final postscript: To those who will try to play "geek gotcha" with this comment by finding obscure techno arcana or tortured interpetations of the above statements repurposed to support things other than what was said in the context above, you fail. The above posting is about the philosophical spirit of UNIX which GNU and LINUX completely engender and not about the legal-word-smithing typical of the "We-add-no-value-but-we-have-lawyers" approach typical of some people and companies. By trying the latter approach you actually support the statements made above. The spirit, not the letter rules here.