Wednesday, April 19, 2006

mis-feature, not a bug

cross-platform 'proof-of-concept' virus. can replicate itself on both windows and linux computers.
(read about *that* here: http://os.newsforge.com/article.pl?sid=06/04/17/1752213&tid=2)

virus 'does not work' with linux version 2.6.16.
linus torvalds says this is due to a 'mis-feature' in the kernel.
then releases a kernel patch that fixes this mis-feature to make the virus 'work'.

quote from the article:
"The reason that the virus is not propagating itself in the latest kernel versions is due to a bug in how GCC handles specific registers in a particular system call. He has coded a patch for the kernel to allow the virus to work on even the latest Linux kernel."

Leave it to open source hackers to debug and fix aging viral code so that it works correctly. !!

this particular virus is only capable of replication (atleast for the moment), but does not result in privilege escalation i.e., become root and cause havoc. another good reason not to run programs unnecessarily as root.

read more about it here:
http://software.newsforge.com/article.pl?sid=06/04/18/1941251