Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!samsung!sol.ctr.columbia.edu!bronze!cica!ogre!will
From: will@ogre.cica.indiana.edu (William Sadler)
Newsgroups: comp.sys.novell
Subject: Re: A virus on a novell LAN.
Message-ID: <10179@cica.cica.indiana.edu>
Date: 29 Jan 91 15:17:48 GMT
References: <1991Jan21.210144.21385@cerberus.bhpese.oz.au> <1991Jan23.001244.8432@techbook.com>
Sender: news@cica.cica.indiana.edu
Reply-To: will@ogre.cica.indiana.edu (William Sadler)
Organization: Center for Innovative Computing Applications
Lines: 24

In article <1991Jan23.001244.8432@techbook.com> kenh@techbook.com (Ken Haynes) writes:
>In article <1991Jan21.210144.21385@cerberus.bhpese.oz.au> david@cerberus.bhpese.oz.au (David Masters) writes:
>This can occur if the infected account
>has supervisor privledges, or the .exe or .com files are in an area that
>is read/write and the files themselves are read/write.  NW security is
>pretty tight when applied properly.
>
>Ken
>
It was my understanding that only the removal of the write right from a
directory could effectively prevent the pread of certain virii (like
Jerusalem B).  Flagging the file SRO will not keep the virus from
infecting it.  Revoking the Modify right and flagging it SRO will
work.  But revoking write seems to be the only sure way.

See Netware Connection, Sept/Oct 1990 p.2

Will

--
***************************************************************************
*   _______________\|/_      Will Sadler     will@ogre.cica.indiana.edu   * 
*   Laser 44888    /|\                       sadler@iubacs.bitnet         *     
***************************************************************************