You noticed that the trojan can only run with the privileges the IRC process has, didn't you?I don't use linux, but it's probably on the list of stupid things I'd do... (I do it on windows because I CBA to bother with user accounts and transferring all my shizzle to a new non-admin account, then having to change accounts whenever I wanna change a little setting)
Nobody here runs his Linux box as admin by default, or do you?
I don't use linux, but it's probably on the list of stupid things I'd do... (I do it on windows because I CBA to bother with user accounts and transferring all my shizzle to a new non-admin account, then having to change accounts whenever I wanna change a little setting)Me thinketh you don't have any knowledge on the subject. Some experience might do you a lot of good, young grasshopper. ;)
On the linux subject or the windows subject? :oI don't use linux, but it's probably on the list of stupid things I'd do... (I do it on windows because I CBA to bother with user accounts and transferring all my shizzle to a new non-admin account, then having to change accounts whenever I wanna change a little setting)Me thinketh you don't have any knowledge on the subject. Some experience might do you a lot of good, young grasshopper. ;)
Linux. Was our discussion about Windows?Linux. Where could you possibly get the idea I'm new to linux? I still think I understand linux enough to know that running it under admin is stupid. And is also the kind of stupid, lazy thing I'd do.
You noticed that the trojan can only run with the privileges the IRC process has, didn't you?
Nobody here runs his Linux box as admin by default, or do you?
I think Karx meant that the virus needed admin privileges to run.And Techpro seems to be implying that everyone runs Linux as admin.
I think Karx meant that the virus needed admin privileges to run.And Techpro seems to be implying that everyone runs Linux as admin.
Well then techpro is just plain confusing.I think Karx meant that the virus needed admin privileges to run.And Techpro seems to be implying that everyone runs Linux as admin.
I've got to tell you that yours as well as WillyP's statement are both wrong and that Karx's comment lacks a minimum of common sense and technical insight.
As far as I can see, Techpro didn't imply anything. There's nothing to imply anyway.
Facts are here:
[url]http://www.securityfocus.com/bid/40820[/url]
Anything else is speculation. ;)
Well then techpro is just plain confusing.
And what exactly does the d in IRCd stand for?Well then techpro is just plain confusing.
It wasn't Techpro who revealed that he obviously has no clue what the "d" in "IRCd" stands for and what that implies regarding run-time credentials - that goes on Karx's account with his "run Linux as admin" bosh. It also reveals that he doesn't seem to know that most Linux installations don't even have an "admin" account. Even a beginner's manual tells you this on one of the first pages.
I personally find it simply plain stupid to comment on a subject you don't know *anything* about, which Karx has proved loudly. *That* is something that might confuse everybody else who can't spot on first sight that it's just a pile of rubbish.
1. | A reason for Linux users who also use the Unreal IRC (Internet Chat Relay) system on their Linux systems to take the time to check their Linux systems ... because of a "backdoor" that may have gotten onto their system without their knowledge. I suggested nothing about how users may or may not use their systems. |
2. | In my second post in this thread, I stated my opinion that Matthew (based on his comment in this thread) may have much to learn about using Linux ... thus implying he might be commenting without sufficient knowledge on the subject. (was I incorrect?) |
1. | pointed out (thank you, karx11erx) that the backdoor/trojan can only function at the same privileges as the user running the IRC process (or IRCd process to be precise). Thus pointing out that running it by a username that has administrative rights ... that would be bad (for the user) or at least much worse than otherwise. |
2. | His question "Nobody here runs his Linux box as admin by default, or do you?" could be considered sarcasm if you wish. He emphasized the poor wisdom it is to run stuff at admin level of access (which sadly many people do). |
- | with Karx that people should not be running all the time with elevated privileges (thus greatly decreasing possible problems). |
- | with Thomas that the backdoor/trojan can still cause problems either way. It's just restricted to what can be done at the current user's access rights. |
Now that we've discussed this a bit (a bit more than I think was necessary) ... I think it's time we got back to other subjects ... Like the weather. Gee, That sunset, wasn't that something?How about combining the weather, the floods, and the global economy in one pool? ;)
How about combining the weather, the floods, and the global economy in one pool? ;)