[OLPC Security] A mom's worries

Marcus Leech mleech at nortel.com
Thu Nov 29 16:57:12 EST 2007


Seth Woodworth wrote:
>
> Yes, because there is such a thriving anti-virus industry for linux
> systems.
>
> Maybe someone should explain the OLPC system a little better.  The
> idea is that malicious software (or any software for that matter)
> isn't allowed to do anything.  The worst that it could do is take up
> resources until it was shut down.
>
> This is basically what anti-virus software does.  It finds programs
> that it thinks are malicious, and contains them from accessing things
> that they shouldn't.  It sounds like you are suggesting someone writes
> a program to do this again.
>
The notion of malware for *nix systems (including Linux) isn't all
*that* far-fetched.

You *have* to assume that at some point, some piece of application
software has a remote-execution vulnerability (that is, a
  vulnerability that allows an attacker to load and run code in the
context of the targetted application).  In *nix, this would
  be the "context" of an ordinary user, which means that the downloaded
code can only muck with objects that the
  ordinary user has access to.  But that isn't a guarantee that
*nothing* bad would happen.

Consider, for example, that on ordinary *nix desktop systems, the user
usually (but not always) has root access via
  "su" or "sudo".   Consider a remote-execution exploit that quietly
mucks with the users .profile/.cshrc/.bashrc to
  point the user at slightly-modified versions of sudo that collect the
password, and then call the "real deal".

The code simply lies dormant until the users happens to do a "su" or a
"sudo", and then "does interesting things".

It's not inconceivable, it just hasn't happened on any kind of scale
that's interesting.

One should also consider that some types of malware are perfectly happy
not to have "root" access.  Access as an ordinary
  user is all that's required (in general ) to set up outbound network
connections, run processes in the background, etc.
  A spam-bot doesn't need root access.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.laptop.org/pipermail/security/attachments/20071129/69ab5fdd/attachment.pgp 


More information about the Security mailing list