Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!ukma!sean
From: sean@ms.uky.edu (Sean Casey)
Newsgroups: comp.sys.amiga.tech
Subject: Re: IRQ virus (and a personal note to Steve)
Message-ID: <10794@s.ms.uky.edu>
Date: 3 Jan 89 00:21:14 GMT
References: <5601@cbmvax.UUCP> <5602@cbmvax.UUCP> <10788@s.ms.uky.edu> <18668@agate.BERKELEY.EDU>
Reply-To: sean@ms.uky.edu (Sean Casey)
Organization: The Leaning Tower of Patterson Office @ The Univ. of KY
Lines: 32

In article <18668@agate.BERKELEY.EDU> laba-3ar@e260-4b.berkeley.edu (Case Larsen) writes:
|In article <10788@s.ms.uky.edu> sean@ms.uky.edu (Sean Casey) writes:
|>light at the end of the tunnel is probably a protected mode OS with
|>enforced privileges. Once debugged, at this would at least protect the
|                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|>system files from a user running a virus.
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

|This wouldn't protect him from running a trojan horse that modified any
|of his work files.  The user would necessarily have to be able to write
|and modify his own files.  It also wouldn't wouldn't protect him from
|running a trojan horse that would add this line to the end of his
|startup-sequence:
|	delete #? all quiet

Yeah, well, that's what I said. It would protect the system files. It should be
obvious that there is no real generalized solution to protect users from
themselves.

|If the startup-sequence leaves the user in his work directory, the above
|command will remove all of his work files, but leave the system utilities
|untouched.
|Any solutions to that problem?

Backups.


-- 
***  Sean Casey                        sean@ms.uky.edu,  sean@ukma.bitnet
***  Who sometimes never learns.       {backbone site|rutgers|uunet}!ukma!sean
***  U of K, Lexington Kentucky, USA  ..where Christian movies are banned.
***  ``My name is father. You killed my die. Prepare to Inigo Montoya.''