43 Do password/access control systems protect my files from viruses?
Description
This article is from the Computer Viruses FAQ, by Nick FitzGerald n.fitzgerald@csc.canterbury.ac.nz with numerous contributions by others.
43 Do password/access control systems protect my files from viruses?
All password and other access control systems are designed to protect
the user's data from other users and/or their programs. Remember,
however, that when you execute an infected program the virus in it will
gain your current rights/privileges. Therefore, if the access control
system provides *you* the right to modify some files, it will provide it
to the virus too. Note that this does not depend on the operating
system used--DOS, Unix, or whatever. Therefore, an access control
system will protect your files from viruses no better than it protects
them from you.
Under DOS, there is no memory protection, so a virus could disable the
access control system in memory, or even patch the operating system
itself. On more advanced operating systems (Unix, OS/2, Windows NT)
this is much harder or impossible, so there is much less risk that such
protection measures could be disabled by a virus. Even so, viruses will
still be able to spread, for the reasons noted above. In general,
access control systems (if implemented correctly) are only able to slow
down virus spread, not to eliminate viruses entirely.
Of course, it's better to have access control than not to have it at
all. Just be sure to not develop a false sense of security or come to
rely *entirely* on your access control system to protect you.
Continue to:
My Books
