Archive of UserLand's first discussion group, started October 5, 1998.

Unix and Email Viruses

Author:Eric Soroos
Posted:6/15/1999; 5:00:57 PM
Topic:Unix and Email Viruses
Msg #:7409
Prev/Next:7408 / 7410

It is difficult to create an email virus in unix that doesn't explicitly exploit a bug of a specific mail system.

To execute an attached shell script or executable from a message, you typically have to save it, then change the file to an executable (chmod +x), then run it. Attachments don't automatically run, and if they did, it would be considered a bug.

Furthermore, the ability to run a file is not determined by the file name.

Even then, unless there was an exploit for a particular program, you're running as the user, not as a privleged account. That makes it harder to do anything truly interesting or malicious. (Depending on your point of view) You can't replace the file manager or the email program. You can't bind to the smtp port. You can send mail, but you can't intercept anyone elses mail on that system.

I'm not saying that a lot of havoc is impossible, but there are far higher hurdles in the unix world to writing viruses than there are in the windows world.

That being said, if there were a systematic flaw in something as critical as say... sendmail* ... There would be a real big effect. Probably a reality approaching the hype of Melissa shutting down the internet. i.e. there's only so much havoc to be done on a bunch of clients. Get the servers and all hell breaks loose.

added later

* see Robert Morris, fellow Cornell Alumnus and author of the infamous and legendary Sendmail Internet Worm.

There are responses to this message:

This page was archived on 6/13/2001; 4:50:49 PM.

© Copyright 1998-2001 UserLand Software, Inc.