When you type sudo, you're invoking a setuided file. This means that sudo runs under root user and you don't have access to root user page memory unless you're root.
Only a keylogger executed under root can read the keyboard when executing sudo.
STORAGE KEY
I keep referring to this,-- it's 360/370 lingo: the supervisor ran in protect key 0 and protect keys 1 through 15 were for user partitions/regions running applications. yep, just 16 keys were all we had ( but nobody had enough memory to run that many regions )
If I've done my homework properly the Intel x86 processors create a set of tables for memory protection -- essentially keeping track of what belongs to who -- and what privileges are allowed -- in a set of tables maintained by the kernel.
Virtual memory being an additional separate scheme...
Hopefully Linux has fully implemented the memory protection model -- which it is my understanding Windows does not
reference: The Rootkit Arsenal Bill Blunden ISBN 13:978-1-59822-061-2
see also http://www.theregister.co.uk/2004/10...dows_vs_linux/
( the above is a bit dated but nonetheless insightful )
That's just the deal. If you get in the habit of just clicking "yes" and you are either root (something Ubuntu goes out of the way to disable) or you have SUDO access (the first user, for example, or anyone you give admin rights to) then you ARE vulnerable.
BTW I'm a programmer but not a UNIX programmer. The event model I used is approximately correct, but I can't vouch for it.
Again, if you installed the system then it doesn't matter what your username is. If you can type your password to install updates, then you can also (possibly inadvertently) install malware which can affect your entire system.
Quote:
but I don't see that happening in Linux,-- those privileged modules that are a problem in Windows should be running in "userland" as trusted programs in Linux -- which should help to reduce the paths available to an attacker. Ideally the ONLY way to install a program is via the Official Installer -- which requires the Administrator password,-- and hopefully a digital signature authenticating the distribution-- whether o/s update, or app.
If you're NOT that user, you can install software in your own user space which you can compile and run, and it will have access to anything YOU have access to. So you can thoroughly trash your own files.
+10,000,000,000
Quote:
It looks to me that for most of us if we just follow Linux recommendations our systems are not likely to get hacked.
The thing is, learn to look at advisories and read a few security howto's.