[Gllug] Virus on Linux/Mac

Caroline Ford caroline.ford.work at googlemail.com
Sun Sep 23 22:01:32 UTC 2007


On Sun, 2007-09-23 at 22:23 +0100, Christopher Currie wrote:
> On Sun, 23 Sep 2007 13:58:21 +0100 Caroline Ford wrote:
> 
> > The gksu popup doesn't mention the name of the OS.
> 
> The previous poster had supposed that it did; in my ignorance I assumed he was 
> right.
> 
> > It says something 
> > like
> >
> > "This application requires administrative privileges to run. "
> 
> Now I've checked, I see it actually says 'Enter your password to perform 
> administrative tasks', which is slightly different [why do I want to perfom 
> administrative tasks at this point?] and then says "the 
> application '<application name>' lets you modify essential parts of your 
> system"; under Kubuntu KDE su doesn't point that out, but it clearly flags 
> the prvileged application name as a "command'.
> 
> If you haven't typed the command it's going to look even odder than the wrong 
> OS name.  
> 
> And if you're using Kubuntu, the Gnome gksu window is unexpected and 
> unfamiliar, which should make you even more attentive to what it says.
> 
> I agree that people who never read what they see will be in trouble. But my 
> main point - which was that the virus would soon be spotted - I think stands.

Mine (gnome & dapper) says:

Enter your password to perform administrative tasks

The application 'network-admin' lets you modify essential parts of your
system.

Password:

--------
I'm pretty sure you can set things up so that programs use kdsu rather
than gksu if that is installed instead - although Ubuntu has many more
installs than Kubuntu.

Some programs (eg gdebi I think) only ask you for the password when they
need it - not when you've opened it. I'd actually prefer it if programs
only asked for root privs when they needed it, it seems saner.

The real point is that we tell people that linux is safer because we
don't have the malware (yet). If we had enough market share I'm sure
we'd get the malware - we are not really structurally safer and we
shouldn't believe our own propaganda. 

We tell people that they don't need to be careful as it's linux - that
they don't need firewalls etc. We've already had stupid crap with people
adding anything and everything to sources.list and typing in commands
they don't understand.

If anything - I expect an unsafe linux box could cause more havoc than
an unsafe windows one - we rely on our users being clueful.

Caroline

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list