ALBRECHT@CALIPH (Steve Albrecht) (10/24/89)
in: VIRUS-L Digest V2 #217 Subject: Operating System virus protection (DOS & UNIX) Re: UNIX virus proof?! (UNIX) jlg@lanl.gov (Jim Giles) writes: >>I wouldn't say UNIX is virus-proof (I posted a hoax article about a >>UNIX virus over a year ago, just before the Internet Worm incident), >>but it's sure a hell of a lot more virus-resistant than DOS. > >How do you know? The only machines DOS runs on are PCs and compatibles. >UNIX implemented on these machines would be just as vulnerable as DOS. >The most obvious weaknesses of DOS are unimportant compared to the fact >that the hardware itself has no protection mechanisms. Assuming everyone means "MS-DOS" when using the common acronym "DOS"... Every UNIX implementation on 80286/386 processors that I've seen uses the Intel Protected Mode. If used properly, this provides process isolation. This alone is a great security improvement over MS-DOS. File system security can be provided similarly by using memory-mapped rather than i/o mapped devices. Their are a few UNIX implementations which run on 8088-based PCs. It is true that hardware support for process isolation and file security are lacking in off-the shelf IBM PC and PC/XT-type machines. The rarity of such machines running UNIX is a wonderful defense against viruses, however. The fact remains that most users of PC/AT and 386-based machines use MS-DOS which, now in its 4th major version, is still incapable of using Intel Protected Mode. Thus, Peter's original statement is fully justified. MS-DOS is (also) an easier target than UNIX because of its simplicity and easy access to technical information. While UNIX internals are also widely available, they are written for more sophisticated readers. The multitudinous flavors of UNIX also inhibits low level attacks. MS-DOS is is a sitting duck (such being the price of standardization). As an aside, I abhor the idea of anyone promulating "virus hoaxes" or other forms of terrorism. As I lack complete understanding of Peter's claim to have "posted a hoax article about a UNIX virus over a year ago", I will resist further comment on this distasteful subject. (::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::) ) Steve Albrecht - IntelliCorp, Inc. - Knowledge Systems Product Development ( ( "Opinions expressed here are my own, if anyone's, and not my employer's." ) ) DDS albrecht@intellicorp.com : COMPUSERVE 73657,1342 ( ( UUCP ...!sun!intellicorp.com!albrecht : public bbs (415)969-5643 ) ) or ...!sun!icmv!albrecht : "c"omment to sysop ( (::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::)