From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.54)
	id 1FHDAG-0007C6-5s
	for garchives@archives.gentoo.org; Thu, 09 Mar 2006 04:54:16 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.5/8.13.5) with SMTP id k294r7xY004269;
	Thu, 9 Mar 2006 04:53:07 GMT
Received: from mail.gmx.net (mail.gmx.de [213.165.64.20])
	by robin.gentoo.org (8.13.5/8.13.5) with SMTP id k294lm12002380
	for <gentoo-user@lists.gentoo.org>; Thu, 9 Mar 2006 04:47:48 GMT
Received: (qmail invoked by alias); 09 Mar 2006 04:47:48 -0000
Received: from N609P028.adsl.highway.telekom.at (EHLO [192.168.1.20]) [62.47.20.28]
  by mail.gmx.net (mp027) with SMTP; 09 Mar 2006 05:47:48 +0100
X-Authenticated: #787166
Message-ID: <440FB3F4.9060800@gmx.net>
Date: Thu, 09 Mar 2006 05:49:56 +0100
From: Jarry <jarry@gmx.net>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en, sk
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user]  antivirus
References: <FAEEIJPAOFEMBBLKPMJEAENFFBAA.BYoung@NuCORETech.com>
In-Reply-To: <FAEEIJPAOFEMBBLKPMJEAENFFBAA.BYoung@NuCORETech.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Archives-Salt: efb89a27-9306-4e9b-82c8-a7752546835b
X-Archives-Hash: 65b7c50717b7100e61a9ea00dfe1c063

Bob Young wrote:

> PowerUser is different from Admin, Admin is the equevelent of root in the
> Linux/Unix world, PowerUser is not. The primary and most important
> difference is the ability to *write* to the registry, It's perfectly safe to
> routinely log on as a PowerUser, as PowerUsers can *not* write to registry
> keys that affect the entire system, while Admin users can write to *any*
> registry key.

I'm not sure if this is true. Anyway, PowerUser has the ability
to install sw (even system patches!), alter executables and system
files! PowerUser can write to C:\ProgramFiles, or C:\Windows, and
that is exactly, what a virus need to spread itself. Not many viruses
can hide their code in registry (that is just equivalent to /etc in
unix-world), mostly they attach themselves to some exe/sys file,
or overwrite them...

So, if you start a virus-infected program as a PowerUser, there
are perfect conditions for spreading infection. If there were
some virus for linux, and you start it as a normal user, it can
not alter executables in /usr or /sbin, because user does not have
write access to them. Such a virus could infect only *your* files.

I'd say PowerUser is something between a restricted user, and admin.

Jarry
-- 
gentoo-user@gentoo.org mailing list