Is DOS under Unix immune?

Tom Neff tneff at bfmny0.BFM.COM
Fri Aug 3 20:23:57 AEST 1990 

In article <JES.90Aug2223811 at mbio.med.upenn.edu> jes at mbio.med.upenn.edu (Joe Smith) writes:
>We are considering adopting '386 Unix in the lab, but I'm curious
>about something.  Are the DOS under Unix implementations immune to the
>usual PC viruses?  If so, how (in a nutshell)?  If not, is the Unix
>filesystem safe at least?  I suppose most readers already know the
>answer(s), so just e-mail...

Depending on the virus, I would say 'no' DOS under UNIX is not immune
to infection, but the UNIX system itself is probably safe.

VP/ix has four kinds of disk access:

 (1) floppies, at the driver level.

 (2) 'real' DOS hard disk partitions, again at the driver level.

 (3) Pseudo-disks (/usr/vpix/defaults/C:) at the block level, through
     a special VP/ix interface.

 (4) The UNIX filesystem at the 'stdio' level, through a TSR resident 
     under DOS (Redirect) that uses hooks to the VP/ix executive.

Any virus built to talk to the disks at a ROM-BIOS or "block" level will
tend to succeed on types (1), (2) and (3) above, but fail on type (4).
Viruses dealing with FILES (in a well-behaved way) only, rather than disk
blocks, might work on (4) but they are also the easiest to detect.

An infected VP/ix site could certainly infect others via diskette or
upload.  So the virus life cycle can, in principle, run to completion.

But any virus that's dependent on such things as precise clock timing
or transparent access to the controller hardware seems likely to fail,
although it could certainly lock up the box in failing.

Since the files DOS and VP/ix need to run are usually not otherwise
critical to the operation of the host UNIX system, it is unlikely that a
DOS virus infected site would have problems with its performance as a
UNIX system.  Effectively, UNIX would not itself be infected.

The above remarks apply to viruses designed for the standalone PC.
But what about a VP/ix or DOS Merge specific virus?  Is one possible?
Absolutely!  And given the privileged access VP/ix has, the potential
for harm to the UNIX side is great.

I think the biggest protection VP/ix has going for it now is that there
aren't enough sites to tempt malicious hackers.  That may change someday.

-- 
"NASA Announces New Deck Chair Arrangement For   \_/  Tom Neff
Space Station Titanic" -- press release 89-7654  \_/  tneff at bfmny0.BFM.COM

More information about the Comp.unix.i386 mailing list