Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!purdue!decwrl!labrea!agate!e260-4b.berkeley.edu!laba-3ar From: laba-3ar@e260-4b.berkeley.edu (Case Larsen) Newsgroups: comp.sys.amiga.tech Subject: Re: IRQ virus (and a personal note to Steve) Message-ID: <18668@agate.BERKELEY.EDU> Date: 2 Jan 89 07:13:30 GMT References: <5601@cbmvax.UUCP> <5602@cbmvax.UUCP> <10788@s.ms.uky.edu> Sender: usenet@agate.BERKELEY.EDU Organization: University of California, Berkeley Lines: 31 In article <10788@s.ms.uky.edu> sean@ms.uky.edu (Sean Casey) writes: >It's going to get a whole lot worse before it gets better. The biggest >light at the end of the tunnel is probably a protected mode OS with >enforced privileges. Once debugged, at this would at least protect the ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >system files from a user running a virus. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This wouldn't protect him from running a trojan horse that modified any of his work files. The user would necessarily have to be able to write and modify his own files. It also wouldn't wouldn't protect him from running a trojan horse that would add this line to the end of his startup-sequence: delete #? all quiet If the startup-sequence leaves the user in his work directory, the above command will remove all of his work files, but leave the system utilities untouched. Any solutions to that problem? >*** Sean Casey sean@ms.uky.edu, sean@ukma.bitnet >*** Who sometimes never learns. {backbone site|rutgers|uunet}!ukma!sean >*** U of K, Lexington Kentucky, USA ..where Christian movies are banned. >*** ``My name is father. You killed my die. Prepare to Inigo Montoya.'' _________________________________________________________________________ | __ __________________________________ | | /// |Sung to "I'm looking over a four | Case Larsen| |__ /// | leaf clover" | laba-3ar@web.berkeley.edu| |\\\/// |I'm looking over the root guy's | -or- |