No, you are completely wrong, here. I don't want to sound harsh or an expert, but you had better not answer at all if you are not sure about the correct answer, especially in security questions (I am not an expert, but I've seen things
http://i.imgur.com/cPUWj1j.jpg)
1) Fetch the package xmacro from the repositories
2) Run from a terminal
3) Open another terminal, give
4) Watch xmacrorec2 from the 1st terminal to log your password. To stop xmacrorec2 from logging, focus to the first terminal and press the Escape key, or Ctrl+C
So, here's the senario: You download an untrustworthy script from an online source which does what it says but it also downloads without your knowledge a program similar to xmacrorec2, using
wget. Then, it gives
executable permissions to it, it
hides it somewhere inside your home folder, gives it a name of its preference, e.g. zeitgeist-control and it
executes it as a background job. Also, it makes it
start everytime at startup using a hidden desktop file (starting with dot) under a hidden directory (~/.config/autostart) and declares it as "Zeitgeist database indexer" in case you open some time the start-up applications and find it.
Please note that all the above may as well be in encoded into the original script, using some simple 2-way encryption, like base64. So, even if you inspect the script, you won't see the actual commands, but something weirder, like
Code:
VEhJUyBJUyBBIE5JQ0UgWU9VVFVCRSBWSURFTzogaHR0cDovL3lvdXR1LmJlL1dpYm1jc0VHTEtvCg==
Everything you do now is being logged! And my guess is that it will take the average Ubuntu user more than a couple of days to realize that something's wrong - time enough to log a good amount of passwords.
Please notice that on the above story nothing requires root privileges to be done. All the bold points can be executed as simple user actions after you execute the malicious script.
Never execute untrustworthy scripts or install untrustworthy DEBs!
Bookmarks