Linux: security through obscurity?
Linux: security through obscurity?
Posted Nov 5, 2004 15:32 UTC (Fri) by jaclu (guest, #7280)In reply to: Linux: security through obscurity? by dps
Parent article: Linux: security through obscurity?
>2. My normal user identity, which is all a email worm is likely to get,
>does not have write permission to the system binaries, boot scripts
>and other things commonly targeted by windows virii and worms.
Simply not true.
If I could get Joe User to run a malware, it could install itself to be
run from .bashrc or similar each time user logs in, and by binding to a high port a listening daemon could be started without root privs.
Since he propably will login when he starts his system, the evil-daemon will be started, then it runs until machine is shutdown regardles if user is stil logged in.
So if you can get your malware to be run with or without userintervention, a daemon can an will be installed.
Posted Nov 5, 2004 16:59 UTC (Fri)
by oak (guest, #2786)
[Link]
yes, and then the user daemon can output somewhere in the net system Linux: security through obscurity?
information and fetch back a root exploit specific to that version of
kernel etc. Or listen to requests from network to test latest root
exploits until one is found that gains the root rights...