jhu said:
security requires continual vigilance
The linked page describes a malware script that collects a bunch of information and opens up services on an OS X box. The script also installs itself as a startup item. However, it is not a virus. This script needs to be explicitly run by an admin user, and surprise, surprise, an admin user can turn on services and collect data from the machine.
The ability to turn on services and obtain data from the machine does not indicate a security hole or anything that implies the potential for a virus. It does mean that an admin user has full access to the machine. This is intended; otherwise there would be no way to, say, turn on services.
This is just another reason why you should never run untrusted code (and never trust any random code you find on the internet). It is also a good reason why experts recommend that average users should not use an admin account as their day-to-day account. Rather, they should set up two accounts: an admin account and a regular user account. For day-to-day use they should only log into the user account and only use the admin account (or the admin username and password) for installation and other activities.
Here is a script that will cause actual damage on your system (but it also is not a virus... it also needs to be run by an admin user):
Code:
#!/bin/sh
# Do not run this script as it will destroy your OS X installation!!!!
/usr/bin/sudo /bin/rm -rf /
Warning to all reading this: running the above script on your OS X box will wipe your installation. This would be bad for you.
While we are on the subject, here is a nasty piece of C code that if run will prevent you from starting any programs and eventually will consume all your memory:
Code:
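#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>   /* declares fork() */

/* Do not run this: every pass through the loop doubles the number of
   processes and leaks another 1000 bytes in each of them. */
int main(void) {
    while (1) {
        fork();        /* each copy keeps looping and forking again */
        malloc(1000);  /* allocated and never freed */
    }
}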
I would also advise you not to run this code. However, the two statements in this code that cause these problems (malloc and fork) are exactly the same statements used by the Finder whenever you run an application. Without these program commands it would be impossible to start a new application and it would be impossible for an application to load data.
The point is that for an Operating System to function you need certain powerful functions to be available. These functions can be used for good or evil, but they are not in and of themselves security holes. However, once a virus has gotten onto a system via a security hole it will almost certainly be using these powerful functions to do its dastardly deeds.