--UKNXkkdQCYZ6W5l3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jan 30, 2004 at 10:19:49AM +0100, Michal Pasternak wrote:
> Ignatios Souvatzis [Fri, Jan 30, 2004 at 11:11:10AM +0100]:
> > If you're not fearing a WinXP virus patching the NetBSD partition(s), I=
=20
> > don't see why you shouldn't do it that way.
>=20
> Could you please provide examples of such virii?

I'm predicting them - I've been doing so for 4 or 5 years - but I'm not
writing them.

Note that our bootblocks can squeeze ffs reading code into less than 8kBytes
on ciscy architectures.

At the current 140kByte budget that a virus writer has, you can do read and
write for ffs, lfs and ext2fs, and add an ELF interpreter and synthesizer
to add your code to some unsuspecting executable (e.g., the kernel). Note
that you save codesize by not implementing system flags - so setting the
kernel to immutable won't help.

Regards,
	-is

--UKNXkkdQCYZ6W5l3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQEVAgUBQBoxljCn4om+4LhpAQHmaAgAiGprMwbCetIKNx805RjKZnb0tLIRMC60
9Z4y1xUHuw/WXx1gW8vWsuvRqViIZouwxxpRcnGCORADxmN4OPqogWTTYTjXGy4S
6ot+lbvLhROQ6wkyTZ/dq1WBYQBm6N/OHJAuQcGukqWsxSuVOlufJm4/ti7OotbF
OO+mvN3jSRCWEt6iLK2XbYNh44L7yMmufOKrGT8ZdoLp5LJffQVpMWylVKx74XQ0
3LdOjsu0ZxoY7TVy/n1MVBpiIP3Ek7w5Bs0muEDmHw4hXW6zu7UAFQJfF3Dimk1Z
HXkN+XxKwXhaXK41LCPHZpFWzqNHCcJx0EDXVQi8LtPVF/5MWWoQnw==
=KkI9
-----END PGP SIGNATURE-----

--UKNXkkdQCYZ6W5l3--