This is an archived low-energy page for bots and other anonmyous visitors.
Please sign up if you are a human and want to interact.
in reply to Re: SelfChanging script!
in thread SelfChanging script!
P.S. A note to all those who worry about these things - take another look. If some primitive self-replicating Perl source can cause any damage whatsoever, much, much worse will happen. Focusing on false threats at the cost of research is what's causing so many of our current problems. So I suggest you all get a clue, or at least stop spreading blind FUD. Thanks.
I'd like to ask first ... how is this indicitave of "much worse will happen"? There are plenty of cases of attacks on server where the basic methodolgy is to simply fill all available disk space on a partition. If this 'harmless' script gets executed with enough access, it could bring a server to its knees by filling it up.
If it was simply research, why the need to double itself in size? If its simply research, the problem is creating a persistant program that runs itself over and over. The way the question is posted smacks of either poor intents, or, even worse, a homework assignment. |
Re: Re: Re: SelfChanging script!
by Anonymous Monk on Aug 05, 2003 at 04:18 UTC
|
The way the question is posted smacks of either poor intents, or, even worse, a homework assignment.
And you care if it's a homework assignment, why? Because someone is willingly allowing you to sabotage their education? Who cares, less competition for your job (which is a good thing for you if you think that Perl program is a major security threat). Or maybe because someone else will read the thread and learn in the process? Or that, when you're replying to the post, someone corrects an error of yours and you learn something new because of it? Gee, those homework questions sure do damage...
If this 'harmless' script gets executed with enough access, it could bring a server to its knees by filling it up.
If they have the privileges to execute this script and have malicious intents, they can do far, far worse than fill up some disk space. Worry about the privilege escalation first, then worry about more damaging options. After you've solved those, you can worry about filling up disk space.
If it was simply research, why the need to double itself in size? If its simply research, the problem is creating a persistant program that runs itself over and over.
Because that's the first thing that popped into his or her head? Because he wanted to learn more about the language and operating system he or she was using and decided this might be a good way? Maybe the goal was to test a new security tool.
I'd like to ask first ... how is this indicitave of "much worse will happen"?
Because far more damaging tools already exist. Because thousands and thousands of people know how to cause massive damage on a widespread scale. Unless people start getting a clue about these threats, we're going to problems that make every incident to date look like harmless pranks. By claiming that something like this poses a security threat, you trivialize the real threats and make people feel safe.
Anyways, these problems aren't going to be solved on "Perl Monks" so I'll be on my merry way now. Later.
| [reply] |
|
|
I made this post because that's the first thing that popped my head and also because i wanted to learn more about the language and operating system iam using and decided this might be a good way....
i want to experiment with perl's capabilities and not create a virus here...
is that so bad for somone to try and code what just popped into his mind for fullfilling his curiocity and play around?!?!
i dotn think so.
| [reply] |
|
|
is that so bad for somone to try and code what just popped into his mind for fullfilling his curiocity and play around?!?! i dotn think so.
No, in fact it is one of the greatest things about any technology. It is the key driving force behind any innovation. Without this curiosity we wouldn't be where we are today.
I think Alan Perlis said it best:
I think that it's extraordinarily important that we in computer science keep fun in computing. When it started out, it was an awful lot of fun. Of course, the paying customers got shafted every now and then, and after a while we began to take their complaints seriously. We began to feel as if we really were responsible for the successful, error-free perfect use of these machines. I don't think we are. I think we're responsible for stretching them, setting them off in new directions, and keeping fun in the house. I hope the field of computer science never loses its sense of fun. Above all, I hope we don't become missionaries. Don't feel as if you're Bible salesmen. The world has too many of those already. What you know about computing other people will learn. Don't feel as if the key to successful computing is only in your hands. What's in your hands, I think and hope, is intelligence: the ability to see the machine as more than when you were first led up to it, that you can make it more.
As soon as you no longer feel that curiosity, as soon as you find yourself criticizing others for trying something new, it's time to switch professions.
Best of luck! (not that you'll need it :-)
| [reply] |
|
|
|
|
| [reply] |
|
|
