PDA

View Full Version : unix permissions




sk3pt1c
Dec 26, 2005, 08:41 AM
i'm thinking of changin group and others permissions with chmod for all my files to none,so no viruses and spyware can access or at least damage them
will that cause conflicts with programs and will it really do what i want it to do?



superbovine
Dec 27, 2005, 11:39 PM
yes and no

jhu
Dec 28, 2005, 01:18 AM
yes and no

mostly no. if you inadvertantly run a virus, the virus will run with your permissions and still be able to do whatever you are able with your permission level.

greatdevourer
Dec 28, 2005, 07:59 AM
i'm thinking of changin group and others permissions with chmod for all my files to none,so no viruses and spyware can access or at least damage them
will that cause conflicts with programs and will it really do what i want it to do? Viruses and Spyware... you're funny, y'know that?

jeremy.king
Dec 28, 2005, 09:36 AM
Might as well delete all your files, then viruses will never get to them. No need to change permissions.

sk3pt1c
Dec 28, 2005, 04:21 PM
sorry greatdevourer, i didn't get that
would you mind explaining yourself?

yellow
Dec 28, 2005, 05:00 PM
sorry greatdevourer, i didn't get that
would you mind explaining yourself?

There's no viruses for OS X. None. Zip. Zilch.

Chances are quite high that changing your permissions thusly will cause more annoyances than save you from non-existant viruses.

Don't bother.

zimv20
Dec 28, 2005, 05:15 PM
the unix permissions exist in order to provide/deny access to other users and groups (and programs, which belong to some system user, human or not). any malevolent program is going to run either as yourself, in which case it will have unlimited access to your files, or as a root process, which has the same effect.

sk3pt1c
Dec 29, 2005, 07:53 AM
cool
ok thanks guys
i bet there are viruses for X as well as for everything else though
thanks for the info
happy new year

greatdevourer
Dec 29, 2005, 08:02 AM
i bet there are viruses for X as well as for everything else though Nope. People have tried. There have been contests with money (sometimes paltry, but sometimes a lot more). As for "everything else", there are 9 for the entire history of Linux, one of which doesn't count (a true "anti-virus" - it exploited a hole, then once inside, it patched that hole :p)

topgunn
Dec 29, 2005, 08:21 AM
it exploited a hole, then once inside, it patched that hole :p
I love the open-source community.

yellow
Dec 29, 2005, 09:33 AM
i bet there are viruses for X as well as for everything else though


You would loose that bet.

oliverhelm
Dec 30, 2005, 09:48 AM
+ dont forget that most network scripts rely heavely on groups, and some will grant access to something with no group to everyone!

sk3pt1c
Dec 30, 2005, 12:09 PM
ok,thanks guys

i guess only time will tell :)

yellow
Dec 30, 2005, 12:11 PM
i guess only time will tell :)

Yup.. (nearly) 5 years and waiting..

jhu
Dec 30, 2005, 12:27 PM
Yup.. (nearly) 5 years and waiting..

security requires continual vigilance (http://www.macintouch.com/opener.html)

yellow
Dec 30, 2005, 01:37 PM
security requires continual vigilance (http://www.macintouch.com/opener.html)

That's not a virus.

And if by vigilance, you mean, not being a moron, then yes.. security requires continual(ly) not being a moron.

jhu
Dec 30, 2005, 03:12 PM
That's not a virus.

And if by vigilance, you mean, not being a moron, then yes.. security requires continual(ly) not being a moron.

alright, well about an actual exploit (http://www.vnunet.com/vnunet/news/2126520/itunes-exploit-code-hits-web) then?

people say how windows has more viruses than other operating systems. i suspect this has as much to do with market share as being against "the man."

mrichmon
Dec 30, 2005, 03:16 PM
security requires continual vigilance (http://www.macintouch.com/opener.html)

The linked page describes a Malware script that collects a bunch of information and opens up services on an OS X box. The script also installs itself as a startup item. However, it is not a virus. This script needs to be explicitly run by an admin user, and surprise, surprise, an admin user can turn on services and collect data from the machine.

The ability to turn on services and obtain data from the machine does not indicate a security hole or anything that implies the potential for a virus. It does mean that an admin user has full access to the machine. This is intended otherwise there would be no way to, say, turn on services.

This is just another reason why you should never run untrusted code (and never trust any random code you find on the internet). It is also a good reason why experts recommend that average users should not use an admin account as their day to day account. Rather they should set up two accounts an admin account and a regular user account. For day to day use they should only log into the user account and only use the admin account (or the admin username and password) for installation and other activies.

Here is a script that will cause actual damage on your system (but it also is not a virus... it also needs to be run by an admin user):

#/bin/sh
# Do not run this script as it will destory your OS X installation!!!!
/usr/bin/sudo /bin/rm -rf /


Warning to all reading this: running the above script on your OS X box will wipe your installation. This would be bad for you. :-)

While we are on the subject, here is a nasty piece of C code that if run will prevent you from starting any programs and eventually will consume all your memory:


#include <stdio.h>
#include <stdlib.h>

main() {
while(1) {
fork();
malloc(1000);
}
}


I would also advise you not to run this code. However, the two statements in this code that causes these problems (malloc and fork) are exactly the same statements used by the finder whenever you run an application. Without these program commands it would be impossible to start a new application and it would be impossible for an application to load data.

The point is that for an Operating System to function you need certain powerful functions to be available. These functions can be used for good or evil, but they are not in and of themselves security holes. However, once a virus has gotten onto a system via a security hole it will almost certainly be using these powerful functions to do its darstardly deeds. :-)

Randall
Dec 30, 2005, 03:23 PM
Once there is enough people using OS X, a virus will be made. There have been viruses for Linux, although only a handful. And there have been viruses for other UNIX based systems as well. Don't think because it hasen't happend yet that it will never happen. That's just stupid logic with no basis. The Automator would be a nice gateway to propigate a virus, belive me. There are plenty of jerks out there that want to be famous, and once one virus is written, pandoras box is open.

Randall
Dec 30, 2005, 03:26 PM
That's not a virus.

And if by vigilance, you mean, not being a moron, then yes.. security requires continual(ly) not being a moron.Well you don't have to be a "moron" to screw up. You don't have to be l33t to know what you're doing either, but everybody makes mistakes.

yippy
Dec 30, 2005, 03:30 PM
security requires continual vigilance (http://www.macintouch.com/opener.html)


Also, if you saw the bottom of that article, the "hole" was fixed in the next version of iTunes so is no longer a factor.

Randall
Dec 30, 2005, 03:32 PM
The linked page describes a Malware script that collects a bunch of information and opens up services on an OS X box. The script also installs itself as a startup item. However, it is not a virus.
A Computer Virus (http://en.wikipedia.org/wiki/Computer_virus) is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.

Ok so it's technically not a virus, since it needs somebody with admin to physically execute, but it is damn close to being one.


Also, a fork bomb is not a virus. Although they suck bigtime. :p While we're at it, never type this in the Terminal either: :(){ :|:& };: Same effect as C code = The system is hosed.

greatdevourer
Dec 30, 2005, 03:53 PM
alright, well about an actual exploit (http://www.vnunet.com/vnunet/news/2126520/itunes-exploit-code-hits-web) then? Ooo, wow... an exploit... go to osvdb.org and search for "mac". Trust me, you'll find hundreds, thousands even. Big. ******. Deal. They're all patched.

Once there is enough people using OS X, a virus will be made. There have been viruses for Linux, although only a handful. And there have been viruses for other UNIX based systems as well. Don't think because it hasen't happend yet that it will never happen. That's just stupid logic with no basis. The Automator would be a nice gateway to propigate a virus, belive me. There are plenty of jerks out there that want to be famous, and once one virus is written, pandoras box is open. Don't take that attitude. Enough people do use OSX and enough people know it exists. As said before, people have tried again and again, yet nothing happens. Trust me, if you make one, you will be very famous within the security community, even now.

yellow
Dec 30, 2005, 04:16 PM
i suspect this has as much to do with market share as being against "the man."

I don't want to beat this dead horse again. There's a multitude of reasons there are no viruses for Macs. I won't innumerate them here..

yellow
Dec 30, 2005, 04:21 PM
Once there is enough people using OS X, a virus will be made. There have been viruses for Linux, although only a handful. And there have been viruses for other UNIX based systems as well. Don't think because it hasen't happend yet that it will never happen. That's just stupid logic with no basis. The Automator would be a nice gateway to propigate a virus, belive me. There are plenty of jerks out there that want to be famous, and once one virus is written, pandoras box is open.

How many people have to be using it then? Apple says there were 10 MILLION OS X users at the last MacWorld. How many more in 1 year's time have been added? It's not like there's no Mac users out there to write a virus for..


Well you don't have to be a "moron" to screw up. You don't have to be l33t to know what you're doing either, but everybody makes mistakes.

Yes, but to get rooted by Opener, you have to grab a zipped file that purported to be a warez copy of MS Office from off a kazaa-like site. And it was only 300ish K in size.

Randall
Dec 30, 2005, 04:57 PM
How many people have to be using it then? Apple says there were 10 MILLION OS X users at the last MacWorld. How many more in 1 year's time have been added? It's not like there's no Mac users out there to write a virus for..




Yes, but to get rooted by Opener, you have to grab a zipped file that purported to be a warez copy of MS Office from off a kazaa-like site. And it was only 300ish K in size.Well I don't know how many users have to be on OS X before somebody successfully writes a virus for it, but just because it's UNIX based doesn't mean that it's impossible to do. It is very difficult to do, and somebody has to be motivated by greed or fame or something Apple did to piss them off (switch to x86?) Not that these are good reasons, but I just wouldn't go arround assuming that it will never happen. (I'm not wearing my tinfoil cap around either though :p) Just saying that it's best to stay alert.

yellow
Jan 2, 2006, 07:22 AM
Well I don't know how many users have to be on OS X before somebody successfully writes a virus for it, but just because it's UNIX based doesn't mean that it's impossible to do.

I don't see where I ever said it was impossible. I have AV software and maintain it for all my users as a contingency against the inevitable. I WILL dispute the OP's claim that there's already viruses for OS X, as there are not. And that Opener was a virus, it was not. It was a rootkit. It required the user's willing (if not ignorant) participation.