Path: utzoo!mnetor!uunet!husc6!mit-eddie!ll-xn!ames!aurora!labrea!glacier!jbn
From: jbn@glacier.STANFORD.EDU (John B. Nagle)
Newsgroups: comp.sys.amiga
Subject: Re: Guidelines for virus authors
Message-ID: <17306@glacier.STANFORD.EDU>
Date: 11 Feb 88 05:09:49 GMT
References: <8802072054.AA03747@jade.berkeley.edu> <8261@g.ms.uky.edu> <17301@glacier.STANFORD.EDU> <153@laic.UUCP>
Reply-To: jbn@glacier.UUCP (John B. Nagle)
Organization: Stanford University
Lines: 28

In article <153@laic.UUCP> darin@laic.UUCP (Darin Johnson) writes:
>Why should running under protected mode help? A virus that gets read in
>from the boot block would presumably run in privileged mode. A protected
>mode would help against some trojan horses though, although someone clever
>can get around this easily.

The idea is to boot up from an uncontaminated medium and run without
booting thereafter, running user programs in protected mode only. The
best startup medium would be a ROM, CD or otherwise.

>UNIX machines are no less susceptible to trojan horses than any other
>system. Also, UNIX machines are not generally known as secure systems,
>although many vendors are trying to retro-fit better security.

Very true. I was involved in one of the first major efforts in this
direction, the 1979 Kernelized Secure Operating System, a new kernel
written in Modula I for the PDP-11. It is in principle possible to make
a secure system that will run UNIX programs without modifications to the
applications programs. Ours was too slow to be useable for general
purpose applications, although it was later used in a military
application. But we could do better today.

The big problem, by the way, is not making a tight kernel. It is
idiot-proofing system administration with respect to security. This can
be done, although at considerable cost in flexibility.

John Nagle