Path: utzoo!mnetor!spectrix!clewis From: clewis@spectrix.UUCP (Chris Lewis) Newsgroups: comp.misc Subject: Re: Trojan Horse a Myth? Message-ID: <350@spectrix.UUCP> Date: 21 Dec 87 21:45:59 GMT References: <459@gtx.com> <2393@killer.UUCP> <337@spectrix.UUCP> <1931@utx1.UUCP> Reply-To: clewis@spectrix.UUCP (Chris Lewis) Organization: Spectrix Microsystems Inc., Toronto, Ontario, Canada Lines: 53 In article <1931@utx1.UUCP> ashley@utx1.UUCP (Ashley Oliver) writes: >In article <337@spectrix.UUCP>, clewis@spectrix.UUCP (Chris Lewis) writes: >> >> A minor quibble - have you ever used PC/MSDOS? It's very simple to >> break security on these machines because there ain't none. Many BBS's > >Another minor quibble. It depends what you mean by 'break security' >and I suspect Chris Lewis and I are thinking of different aspects, Partially. >but I'd claim MS-DOS is a lot more secure than UNIX on the simple >grounds that any single user/single tasking OS is inherently several >orders of magnitude more secure than any multi user/multi tasking OS. Um, yes, MS-DOS is infinately more secure than UNIX w.r.t. one user leaving trojan horses around for another user. By definition - there aren't any other users.... On the other hand though, MS-DOS is considerably more vulnerable to trojans and viruses from any program obtained from the "outside". Neither the O/S or hardware is protected in any way. Once a program is running, there's nothing to stop it from doing anything it wants. A program can read or write anything (eg: diddle the O/S) or manipulate the hardware directly. Leading to DOS boot blocks containing viruses etc. This is made more tractible by the fact that in the MS-DOS world, sharing of binaries between users happens much more often than in UNIX. In the UNIX world, most of the binary programs come from (hopefully) reputable software vendors. In contrast, UNIX (as are most other Multi-user O/S's) are relatively safe from trojans or viruses of this type. Because the O/S is protected by an MMU (except on some brain-damaged hardware like PC's), user-level programs cannot access devices directly, user-level programs cannot diddle disks directly (unless the SA goofed and made the devices writable), most drastic things require super-user permissions, etc. I'm not saying that there aren't holes in UNIX - there are many (many of which apply to ANY multi-user system). But at least most of them can be plugged by a diligent SA. And almost all of the rest can be plugged by enhancements to the kernel or shell. Without making it "not UNIX". It's probably impossible to make MS-DOS significantly less vulnerable to viruses without changing quite a bit of the spec and breaking a LOT of existing "good" software. Why? Well, lots of the "good" programs do things to your hardware that's indistinquishable from what a "bad" program wants to do. Eg: many "good" programs bypass DOS disk drivers and talk directly to the controller for various reasons. So would a virus... -- Chris Lewis, Spectrix Microsystems Inc, UUCP: {uunet!mnetor, utcsri!utzoo, lsuc}!spectrix!clewis [Also: lsuc!clewis in a pinch] Phone: (416)-474-1955