Malware Threat To GNOME and KDE

**Therion** · February 18th, 2009

Originally Posted by sonofusion82

the idea is to reduce mistakes.

Where exactly is the coding mistake in this instance?

The article itself states:

...there is nothing fundamental about the architecture of Linux that prevents user stupidity or ignorance, which is of course the main ingredient in any attack vector like this.

Furthermore...

There is just one small stumbling block, which needs to be overcome. Well, two, actually.

Finally...

And here then is one more step that needs to be taken by the user, which might reduce the success rate of this attack vector a little. The user has to first save the attachment and then double click on it.

This isn't a coding issue; this PEBCAK: Problem Exists Between Chair And Keyboard. Remove any single user error, and there's plenty to choose from it seems, and this attack fails.

Utterly... FAILS.

**matteojg** · February 18th, 2009

Granted the premise concerning the vulnerability of launchers in the KDE or GNOME desktops...how is it that the script that is downloaded by the launcher becomes executable?

**cdenley** · February 18th, 2009

Originally Posted by matteojg

Granted the premise concerning the vulnerability of launchers in the KDE or GNOME desktops...how is it that the script that is downloaded by the launcher becomes executable?

It doesn't need to be executable if you execute the shell directly with the script as an argument.

**bodhi.zazen** · February 19th, 2009

I am going to close this thread now as it is not a very productive discussion. The previous discussion was closed, and that does not mean you may start a new one.

Please see the sticky on the top of these forums and please do not spam these forums with links to personal web pages.

If you wish to cite an authority on security that would be fine, but the author of those pages is certainly not an authority and your linking to his blog / opinion page borders on spam.

The sticky address both issues you raise :

1. Social engineering => educate users.

2. Escalation of privileges. This requires #1 and you are already in deep trouble if you are limiting escalation of privileges. The current tools to allow this are apparmor and selinux, both of which are quite powerful.