[sf-lug] Need help with VirtualBox on openSUSE and Feisty (or Gutsy)
rick at linuxmafia.com
Wed Apr 9 12:04:45 PDT 2008
Quoting Ernest De Leon (edeleonjr at gmail.com):
> Aside from the fact that it goes against FHS, your directory structure,
> access levels and security will be all over the place.
Bingo. (There are also a bunch of minor reasons, but that's the major
I keep trying to get this across to people, and it's one of the reasons
for the system-security aspects of my page of essays on Linux viruses.
E.g., let's say that I deliberately execute an ELF-infector virus as
user "rick" on my system. It hunts around for files whose magic(5)
signature proclaims them executables or libraries in ELF format: It
hunts through /sbin, /bin, /usr/bin, /usr/sbin, /usr/local/bin,
/usr/local/sbin, /opt.... Lots of binaries, none of them writable by
user "rick" . The little beastie tries its last hope: /home/rick/bin .
Finally, an executables directory that's writeable -- but all it has in
it are a few minor scripts in shell and perl. The life of an ELF
infector (unless run privileged) is not a happy one.
As a somewhat related topic, here are a bunch of reasons to avoid
locally compiling and installing software if you can possibly manage it:
More information about the sf-lug