Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!samsung!umich!sharkey!msuinfo!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: CHESS@YKTVMV.BITNET (David.M.Chess)
Newsgroups: comp.virus
Subject: Re: Death of a Virus
Message-ID: <0003.9004111326.AA11326@ubu.cert.sei.cmu.edu>
Date: 10 Apr 90 05:00:00 GMT
Sender: Virus Discussion List <VIRUS-L@IBM1.CC.Lehigh.EDU>
Lines: 20
Approved: krvw@sei.cmu.edu

kelly@uts.amdahl.com (Kelly Goen) writes, apparently in response
to a posting of mine:

> Yes dave but under environments which use say the VM8086 model on
> the 386 (such as VPIX) file writability and/or hardware acces is
> TOTALLY under the control of unix...  weak unix security weak dos
> security good unix security = good dos security in this case....

My point was that putting file access under the control of the
operating system *doesn't help*, at least not as much as people
generally assume.  Viruses spread by writing to files that they are
*allowed* to write to; they don't depend on a lack of security.  If
most programs have write access to only a few other programs, viruses
may not be able to spread as fast; but lowering the exponent on an
exponential spread helps surprisingly little.

Now of course this may be what you were saying; I'm not entirely sure
I understand the posting...

DC