Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!uakari.primate.wisc.edu!zaphod.mps.ohio-state.edu!usc!elroy.jpl.nasa.gov!jarthur!uunet!mcsun!ukc!icdoc!qmw-cs!liam
From: liam@cs.qmw.ac.uk (Paul Davison (postmaster))
Newsgroups: comp.unix.aux
Subject: Re: Mac OS Viruses under A/UX 2.0
Message-ID: <2303@sequent.cs.qmw.ac.uk>
Date: 31 May 90 11:21:50 GMT
References: <402@creatures.cs.vt.edu>
Distribution: comp.unix.aux
Organization: Computer Science Dept, QMW, University of London, UK.
Lines: 41

In <402@creatures.cs.vt.edu> davism@creatures.cs.vt.edu (Mat Davis) writes:

>In the fall, we plan to put A/UX 2.0 on ten lab machines and we'd like to
>allow users to run the Mac environment if they like.  Has anyone experimented
>with viruses under 2.0?  I'm hoping that if we set the machines up correctly
>A/UX will be able to prevent a virus from infecting them, but I don't have
>copies of any viruses to try.

I tried WDEF and nVIR B on an early A/UX 2.0 beta and neither
of them were harmful: WDEF didn't do anything, nVIR could be
persuaded to infect the System file but not to pass on the
infection to other applications launched from A/UX filestores
(we didn't try Mac floppies or HFS volumes).

Expect viruses to work under A/UX before long - the
compatibility is getting pretty good... :-) :-( ?

>It seems as if the normal Unix protections should stop the viruses, but the
>Mac Toolbox appears to have at least *some* special privileges (such as being
>exempt from the "10% free" limit on ufs filesystems) and that leads me to
>wonder if that would weaken the protections.

This isn't true - the Macintosh emulation runs as you and
doesn't subvert the normal A/UX permissions (as far as I can
tell). It definitely doesn't sidestep the "minfree for root"
aspect of BSD filesystems.

>As a last resort, we *could* create a new, clean system folder each time the
>'guest' user logs in, but that will slow the login process considerably.

Won't help you, unless you have extra clean copies of the
applications as well. We do however run a system which
broadcasts complete disk images to our A/UX client machines
(currently A/UX 1.1.1) which would at least give you a clean
machine first thing in the morning.
-- 

William Roberts                 ARPA: liam@cs.qmw.ac.uk
Queen Mary & Westfield College  UUCP: liam@qmw-cs.UUCP
Mile End Road                   AppleLink: UK0087
LONDON, E1 4NS, UK              Tel:  071-975 5250 (Fax: 081-980 6533)