On Sat, 22 Jul 2000, Alan Cox wrote:
> > system. I hate having to expose everything, but now the hackers of the
> > world know now to take down Linux Boxes one by one.
>
> Actually what concerns me is you abused your access to IDE specifications and
> produced code any clueful Windows virus writer can add to something like
> ILoveYou and wipe out millions of windows pcs where thre isnt even a security
> model.
That just simply means they should be working on a migration stratagy to
something that does have a security model with a domain of separation etc.
With the new outlook flaw found where it starts executing code even before
it hits your inbox... At least ILOVEYOU needed someone to actually open
the attachment. I wonder how many outlook users applied the corrective
patch yet?
Mix latest outlook flaw with disk2brick and that could get ugly.
>
> Perhaps when your abuse of power ends wiyh your relatives wanting to know how
> they get their windows machiens working again you'll realise what an idiot
> you were being
I would hope that people in the know would just warn their relatives that
running windows95/98 is a hugh security problem waiting to happen. At
least have them run NT or win2k. Better yet maybe mention linux or BSD.
Pointing out a flaw isn't bad as long as you also have a solution.
BTW I think adding check for CAP_SYS_RAWIO is a good solution for linux.
Windows 98 or lesser users simply need to think about migration.
Andre's announcements didn't change that at all.
P.S. I don't really trust winnt or win2k for security either but at least
they have some security features.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST