Slashdot Mirror


Torvalds Creates Patch for Cross-Platform Virus

Newsforge is reporting that Linus Torvalds took a few minutes to review the cross-platform proof-of-concept virus covered yesterday, has proven that the virus does indeed not work with the latest kernel version, 2.6.16, and even released a patch in order to fix this "problem." From the article: "The reason that the virus is not propagating itself in the latest kernel versions is due to a bug in how GCC handles specific registers in a particular system call. [...] So the virus did a number of strange things to make this show up, but on the other hand the kernel does try to avoid touching user registers, even if we've never really _guaranteed_ that. So the 2.6.16 effect is a mis-feature, even if a _normal_ app would never care. It just happened to bite the infection logic of your virus thing."

2 of 195 comments

  1. how does this compare? by Sathias · Score: 0, Redundant

    Linus Torvalds took a few minutes to review the cross-platform proof of concept virus covered yesterday and has proven that the virus does indeed not work with latest kernel version 2.6.16 and even released a patch in order to fix this "problem."

    Is this similar to MS declaring that a virus is not a problem if the user has kept their machine up to date with patches? I.e., in theory they should have, but in practice a lot of people are still using a less than fully patched OS?

    --
    Blessed are the 1337, for they shall pwn the earth.
    1. Re:how does this compare? by Smauler · Score: 0, Redundant

      No... you've missed the point. The virus in question did not work as intended on previous (current) versions of Linux. The virus should have worked, so Linus produced a patch which obtained the desired behaviour of Linux, and thus let the virus work. So now the virus _does_ work as intended.

      I hope that is all clear...