Date: Wed, 1 Aug 2001 20:55:44 -0500
From: Mike Meyer <mwm@mired.org>
To: Matthew Hagerty <mhagerty@voyager.net>
Cc: questions@freebsd.org
Subject: Re: just how many known viruses are there for FreeBSD?
Message-ID: <15208.45856.59490.760556@guru.mired.org>
In-Reply-To: <14171361@toto.iv>

Please don't top post. From Greg Lehey's tutorial on -questions at
<URL:http://www.lemis.com/questions.html>:

    9. Put your response in the correct place (after the text to which
       it replies). It's very difficult to read a thread of responses
       where each reply comes before the text to which it replies.

I've not bothered trying to recover the format. If things are
mis-attributed, flame the people who are top posting.

Matthew Hagerty <mhagerty@voyager.net> types:
> Being written in assembly has nothing to do with what a program can
> do! All programs, no matter what language they are written in are either
> compiled or interpreted down to "machine language" in order to be executed
> by the processor.

This is wrong. Interpreted programs aren't "interpreted down to
machine language". They may not even be "interpreted by machine
language", though at the bottom level that's what's going on. If the
distinction isn't clear to you, I'll be glad to explain further.

> At 07:01 PM 8/1/2001 -0400, you wrote:
> >Not entirely true. A hacker group recently completed the winux virus
> >that is capable of infecting both the Linux and Windows OSs. It is a
> >proof of concept virus, and IIRC, it is written entirely in assembly -
> >meaning that theoretically, it can infect pretty much any ix86 based
> >OS.

Also wrong, so much so that I'm not sure where to start. Writing in
x86 assembly means the thing won't run on anything but x86
machines. Accessing OS functions will keep it from executing on
anything that provide that OS's API. In compiled languages, those
functions are normally provided by library functions or compiler
stubs. It's possible to write code to detect which platform you're
running on and use the appropriate APIs. The code will fail on any OS
that doesn't provide any of those APIs. In the Winux case, it'll fail
on BeOS, Solaris, or BSD without Linux emulation.

The other issue is that on systems with Unix-like protection, a virus
can only infect binaries that it has permission to write to. Unless
it's running as root, that means "not much". That's why root exploits
are such a big deal on Unix, and why logging in as root and running
things as root is discouraged.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
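
The permission point in the message above can be checked on a live system. The sh script below is an added example, not part of the original message; the function names `writable_executables` and `audit_path` are made up here. It lists the executables on `$PATH` that the invoking user could modify, which is the set a program running with that user's privileges could alter.

```shell
#!/bin/sh
# Added example (not from the original message). Function names are made up.

# writable_executables DIR...
# For each regular, executable file directly inside the given directories,
# print a tab-separated line when the invoking user could alter it:
#   file-writable  the file itself can be opened for writing
#   dir-writable   the file is read-only, but its directory is writable,
#                  so it could be replaced by rename or unlink
#                  (a sticky directory restricts this to the file's owner)
writable_executables() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue            # skip missing PATH entries
        for f in "$dir"/*; do
            [ -f "$f" ] && [ -x "$f" ] || continue
            if [ -w "$f" ]; then
                printf 'file-writable\t%s\n' "$f"
            elif [ -w "$dir" ]; then
                printf 'dir-writable\t%s\n' "$f"
            fi
        done
    done
}

# audit_path: run the check over every directory named in $PATH.
audit_path() {
    printf '%s\n' "$PATH" | tr ':' '\n' | while IFS= read -r d; do
        writable_executables "$d"
    done
}

audit_path
```

Run as an ordinary user, this normally prints little or nothing for system directories; run as root, it lists nearly every executable, which is the difference the message describes.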
