[Techtalk] Linux email viruses

Conor Daly c.daly at met.ie
Thu Jul 22 08:23:02 EST 2004


On Wed, Jul 21, 2004 at 08:28:46PM -0700 or thereabouts, Carla Schroder wrote:
> On Wednesday 21 July 2004 6:32 pm, Meredydd wrote:
> > 
> > You kidding? There are millions! It's more secure, but unfortunately not 
> > impervious :-(
> 
> I meant email-borne. Easy now, I didn't mean to raise your blood pressure so 
> high.  :)

The real answer to that is "it depends...".  The issue is (briefly)
addressed in a longer FAQ on the subject of linux viruses at:

http://linuxmafia.com/~rick/faq/index.php?page=virus

In particular it says:

"the Unix community long ago became wary of auto-executing programs" 

and this is the crux of the issue.  If you can fine an MUA that will
autoexecute an attachment (or activeX type HTML), you stand a chance of
propagating a virus, iff it can find another user using the same MUA.
Otherwise, a linux-based email-borne virus requires the following steps to
propagate:

1.  Convince the recipient that the attachment is worth running.
2.  Have the recipient save the attachment.
3.  Have the recipient give the attachment execute permissions (MUAs
    typically save with rw permissions only).
4.  Have the recipient execute the attachment.
5.  Identify the recipient's mailbox file and format.
6.  Run an MUA to resend itself.

So, it's possible but very very unlikely...

Conor
-- 
Conor Daly,                   Please avoid sending me 
Met Eireann, Glasnevin Hill,  Word or PowerPoint attachments.
Dublin 9, Ireland             http://www.fsf.org/philosophy/no-word-attachments.html
Ph +3531 8064276 Fax +3531 8064247


**********************************************************************
This e-mail and any files transmitted with it are confidential 
and intended solely for the addressee. If you have received
this email in error please notify the sender.
This e-mail message has also been scanned for the
presence of computer viruses.
**********************************************************************



More information about the Techtalk mailing list