Full Disclosure mailing list archives
Re: mac trojan in-the-wild
From: "Steven Adair" <steven () securityzone org>
Date: Thu, 1 Nov 2007 23:21:13 -0400 (EDT)
--On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <jays () panix com> wrote:On Thu, 1 Nov 2007, Paul Schmehl <pauls () utdallas edu> wrote:--On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge" <adamst.onge () gmail com> wrote:So if i put a picture of a naked girl on a website and said to see more you must open a terminal and enter "rm -rf". Would we consider this a trojan...or just stupidity?I would consider it stupidity to think that that is comparable to a trojan. Paul Schmehl (pauls () utdallas edu)I think, under the standard Unix system of permissions, this is a Trojan. Under the standard Unix system of permissions, every application running in my home directory can issue an 'rm -rf /home/me' and, without proper near in time backup, cause me much annoyance. The defect lies in the system of permissions. There exist systems of rolling off-machine backups and minimum privilege permissions systems, but they are not yet standard.Perhaps you don't understand what a trojan is. Its purpose is to take control of a machine to use it for purposes other than those to which its owner would put it and without the owners knowledge or permission. Destroying the machine is contrary to the design and purpose of a trojan.
Not really. Remember that the term trojan, as it applies to a computer program, comes from the large horse from the trojan war. The point of the program as it that it appears to have a use/functionality other than what its real purpose is. You let your guard down thinking its something else. It will generally also remain stealthy to a degree but what it does is up to the designer. Install an IRC back door, echo funky text to your win.ini, or rm your whole file system... well that's up to the _trojan_.
Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: mac trojan in-the-wild, (continued)
- Re: mac trojan in-the-wild Thor (Hammer of God) (Nov 01)
- Re: mac trojan in-the-wild Alex Eckelberry (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 01)
- Re: mac trojan in-the-wild nnp (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 02)
- Re: mac trojan in-the-wild Alex Eckelberry (Nov 01)
- Re: mac trojan in-the-wild Thor (Hammer of God) (Nov 01)
- Re: mac trojan in-the-wild Adam St. Onge (Nov 01)
- Re: mac trojan in-the-wild Paul Schmehl (Nov 01)
- Re: mac trojan in-the-wild Jay Sulzberger (Nov 01)
- Re: mac trojan in-the-wild Paul Schmehl (Nov 01)
- Re: mac trojan in-the-wild Steven Adair (Nov 01)
- Re: mac trojan in-the-wild Jay Sulzberger (Nov 01)
- Re: mac trojan in-the-wild Jay Sulzberger (Nov 01)
- Re: mac trojan in-the-wild Nick FitzGerald (Nov 01)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 02)
- Re: mac trojan in-the-wild J. Oquendo (Nov 02)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 02)
- Re: mac trojan in-the-wild reepex (Nov 02)
- Re: mac trojan in-the-wild Simon Smith (Nov 02)
- Re: mac trojan in-the-wild Dude VanWinkle (Nov 05)
- Re: mac trojan in-the-wild Paul Schmehl (Nov 05)