[Wolves] Linux viruses
James Turner
james at turnersoft.co.uk
Wed Dec 8 09:12:23 GMT 2004
On Tuesday 07 Dec 2004 20:24, Peter Oliver wrote:
> On Tue, 7 Dec 2004, James Turner wrote:
> > On Tuesday 07 Dec 2004 12:46, Kevanf1 wrote:
> >> I am genuinely worried that I may inadvertently allow something onto
> >> my Linux PC.
> >
> > I was wondering...
> >
> > Would everything would work properly if the "noexec" mount option was
> > used for /home, /tmp and /var/tmp.
>
> Not without some effort to make sure things such as .xinitrc still work.
I thought that too at first. On further investigatoin, the only "dot" files in
my home directory with the executable bit set are:
-rwxr-xr-x 1 james james 121 May 31 2004 .sversionrc*
-rwxr-xr-x 1 james james 64 Jan 10 2004 .sversionrc.old*
-rwxr-x--x 1 james james 124 Jan 10 2004 .sversionrc.orig*
-rwxr-xr-x 1 james james 188 Jan 17 2002 .Xclients*
-rwxr-xr-x 1 james james 52 Jan 17 2002 .Xclients-default*
Things like .bashrc, etc will get parsed by their respective shells/programs
without having the executable bit set. I don't have an .xinitrc,
only .xinitrc.switchdesk, but everything seems fine.
For added security, many of these "dot" files could perhaps be set to owner
root to prevent user (or, hypothetically, viral) modification.
Regards,
James
More information about the Wolves
mailing list