ALBRECHT@CALIPH (Steve Albrecht) (10/24/89)
in: VIRUS-L Digest V2 #217
Subject: Operating System virus protection (DOS & UNIX) Re: UNIX virus proof?!
(UNIX)
jlg@lanl.gov (Jim Giles) writes:
>>I wouldn't say UNIX is virus-proof (I posted a hoax article about a
>>UNIX virus over a year ago, just before the Internet Worm incident),
>>but it's sure a hell of a lot more virus-resistant than DOS.
>
>How do you know? The only machines DOS runs on are PCs and compatibles.
>UNIX implemented on these machines would be just as vulnerable as DOS.
>The most obvious weaknesses of DOS are unimportant compared to the fact
>that the hardware itself has no protection mechanisms.
Assuming everyone means "MS-DOS" when using the common acronym "DOS"...
Every UNIX implementation on 80286/386 processors that I've seen uses
the Intel Protected Mode. If used properly, this provides process
isolation. This alone is a great security improvement over MS-DOS.
File system security can be provided similarly by using memory-mapped
rather than i/o mapped devices.
Their are a few UNIX implementations which run on 8088-based PCs. It
is true that hardware support for process isolation and file security
are lacking in off-the shelf IBM PC and PC/XT-type machines. The
rarity of such machines running UNIX is a wonderful defense against
viruses, however.
The fact remains that most users of PC/AT and 386-based machines use
MS-DOS which, now in its 4th major version, is still incapable of
using Intel Protected Mode. Thus, Peter's original statement is fully
justified.
MS-DOS is (also) an easier target than UNIX because of its simplicity
and easy access to technical information. While UNIX internals are
also widely available, they are written for more sophisticated
readers. The multitudinous flavors of UNIX also inhibits low level
attacks. MS-DOS is is a sitting duck (such being the price of
standardization).
As an aside, I abhor the idea of anyone promulating "virus hoaxes" or
other forms of terrorism. As I lack complete understanding of Peter's
claim to have "posted a hoax article about a UNIX virus over a year
ago", I will resist further comment on this distasteful subject.
(::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::)
) Steve Albrecht - IntelliCorp, Inc. - Knowledge Systems Product Development (
( "Opinions expressed here are my own, if anyone's, and not my employer's." )
) DDS albrecht@intellicorp.com : COMPUSERVE 73657,1342 (
( UUCP ...!sun!intellicorp.com!albrecht : public bbs (415)969-5643 )
) or ...!sun!icmv!albrecht : "c"omment to sysop (
(::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::)