Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A warning on a new destructive 'trojan horse'' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A warning on a new destructive 'trojan horse'
Authored by: nite77 on May 12, '04 06:20:29PM

Only working solution, that Apple could do, would be to implement a very low-level checking of filesys calls. For example, the occasions that 'rm -rf ~' or 'rm -rf /' are -really- needed, are very few indeed. Apple could implement a way to prevent this altogether, and make new commands to achieve them that would -always- ask confirmation, like editing the 'sudoers' file can not be done with vi, or pico or anything else but the 'visudo' command. Make the filesystem (or whatever is low level enough) to refuse to delete '~' or '/' without the use of the special commands, that always would ask confirmation. Or then make two passwords, one 'regular', the other 'security' and everytime the filesystem/kernel/whatever notices that '~' or '/' is about to be deleted, it would prompt for the 'security' password - that way the user always would know.

I'm not explaining this easily, right? :)

---
/Nite - "can't rain all the time"
[ http://www.nitesade.net ]



[ Reply to This | # ]
A warning on a new destructive 'trojan horse'
Authored by: jasont on May 12, '04 07:15:37PM

That's not a bad idea (the / part would have to only be / w/ nothing after it). It doesn't stop whole folders getting whiped out, but it's still the best suggestion I've seen here.



[ Reply to This | # ]
A warning on a new destructive 'trojan horse'
Authored by: nite77 on May 13, '04 05:38:29AM

And to add to this myself, Apple could do a list of things in addition to '/' and '~' that you would not want to delete, such as '~/Library' and stuff.

---
/Nite - "can't rain all the time"
[ http://www.nitesade.net ]



[ Reply to This | # ]