[Full-disclosure] mac trojan in-the-wild
Paul Schmehl
pauls at utdallas.edu
Fri Nov 2 02:59:36 GMT 2007
--On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <jays at panix.com>
wrote:
>
> On Thu, 1 Nov 2007, Paul Schmehl <pauls at utdallas.edu> wrote:
>
>> --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
>> <adamst.onge at gmail.com> wrote:
>>
>>> So if i put a picture of a naked girl on a website and said to see more
>>> you must open a terminal and enter "rm -rf".
>>>
>>>
>>> Would we consider this a trojan...or just stupidity?
>>>
>> I would consider it stupidity to think that that is comparable to a
>> trojan.
>>
>> Paul Schmehl (pauls at utdallas.edu)
>
> I think, under the standard Unix system of permissions, this is a
> Trojan. Under the standard Unix system of permissions, every
> application running in my home directory can issue an
> 'rm -rf /home/me' and, without proper near in time backup, cause
> me much annoyance. The defect lies in the system of permissions.
> There exist systems of rolling off-machine backups and minimum
> privilege permissions systems, but they are not yet standard.
>
Perhaps you don't understand what a trojan is. Its purpose is to take
control of a machine to use it for purposes other than those to which its
owner would put it and without the owners knowledge or permission.
Destroying the machine is contrary to the design and purpose of a trojan.
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 3701 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20071101/17c1e5e1/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.