[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Antivirus? (and firewalls)

To: independence-l@independence.seul.org
Subject: Re: Antivirus? (and firewalls)
From: "Marc Rubin, Jay's Island Software Development & Consulting" <mrubin@Iname.com>
Date: Fri, 13 Aug 1999 20:55:06 -0400 (EDT)
Reply-To: independence-l@independence.seul.org
Sender: owner-independence-l@independence.seul.org

cogNiTioN wrote:

>Couldn't this be done with 'suid'? i.e. set up a 'user' that the
>questionable programs run as, and then chown it's documented files to it,
>and have it only access them?

The danger is from programs which must be run as root, such as SATAN/SAINT.
A sandbox is designed to prevent them from doing anything malicious.

To thoroughly test your system for security holes, many sys admins choose to
run programs which walk the line between 'hacking' and security. Back
Orifice is the tool of choice for NT, while SATAN/SAINT seems to be the
state of the art in Un*x. Most such programs must be run as root.

Granted, this is outside the purview of the average new Linux user. But the
risks are similar with any program which must be run as root for purposes of
system administration. 

Marc

Prev by Date: Re: Antivirus? (and firewalls)
Next by Date: Re: Inde CD
Prev by thread: Re: Antivirus? (and firewalls)
Next by thread: Freezing
Index(es):
- Date
- Thread