Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: 76476.337@CompuServe.COM (Robert McClenon)
Newsgroups: comp.virus
Subject: Unix and Mainframe Viruses
Message-ID: <0014.9101021349.AA03694@ubu.cert.sei.cmu.edu>
Date: 23 Dec 90 16:03:55 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 22
Approved: krvw@sei.cmu.edu


	A point seems to be being overlooked in the recent discussion
of the vulnerability of Unix to viruses.  It was overlooked in the
past discussions of the vulnerability of mainframes to viruses.

	It isn't necessary for a virus to infect or subvert the
operating system to cause damage.  A Unix virus only needs to
infect applications to which the user has the Write privilege.  A
VM virus only needs to infect applications on the user's read-write
minidisks.

	It is true that most MS-DOS and Macintosh viruses subvert the
operating system or operating system software somehow: the System
file, the boot sector, the Desktop, COMMAND.COM.  But that is not an
essential characteristic of viruses or the virus threat.  The general
threat is still present even if the threat to the operating system is
absent.  And if there are vulnerabilities in various versions of Unix
to a gradual escalation of the privileges of the virus code, as one
correspondent said, the threat is greater.

			Robert McClenon
	(Neither my employer nor anyone else paid me to write this.)