3 Jun
2003
3 Jun
'03
10:39 a.m.
In that case, the root mapping meant things got out.
IIRC the virus was your typical Outlook email worm, which doesn't even need temporary files as far as I know, let alone a large read only drive full of stuff it doesn't understand. Whether root is mapped or not would make little difference to those kind of things.
Mapping the root is a bad security decision, even if we don't see the exact attack vector at the moment.
The most interesting stuff for hackers/virus writers is almost always in the home directory, which is mapped by default. So, I think people overrate the importance of the rest of the system files here.
--
Mike Hearn m.hearn@signal.qinetiq.com
QinetiQ - Malvern Technology Center