Security on ReactOS

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

rodolphedj
Posts: 1
Joined: Tue Aug 29, 2006 3:17 pm

Security on ReactOS

Post by rodolphedj » Tue Aug 29, 2006 3:27 pm

Hello,

ReactOS wand is same OS Windows.
But about security :roll: ??

What is the position of ReactOS ?



Rodolphe

Switchboy
Posts: 97
Joined: Mon Oct 03, 2005 9:29 am

Post by Switchboy » Tue Aug 29, 2006 6:20 pm

Exploits coded specipficly for windows will not workd on ReactOS. But trojans and other virusses that bind them self tot .exe's are probebly able to run.

TOTMS
Posts: 112
Joined: Thu Sep 29, 2005 3:00 pm
Location: London, UK
Contact:

Post by TOTMS » Tue Aug 29, 2006 11:29 pm

Apart from better thought out security models, the main reason that other oses suffer less from malware is because of market share. While ROS is still in the early stages, I very much doubt anyone will spent a lot of time trying to write platform specific viral /malware code.

atarixle
Posts: 112
Joined: Thu May 19, 2005 12:48 pm

Post by atarixle » Wed Aug 30, 2006 3:33 pm

Switchboy wrote:Exploits coded specipficly for windows will not workd on ReactOS. But trojans and other virusses that bind them self tot .exe's are probebly able to run.
What about Exploits codec specipficly for ReactOS.

Since what build number will ReactOS get security features?

samwise52
Posts: 119
Joined: Mon Oct 10, 2005 7:14 pm

Post by samwise52 » Wed Aug 30, 2006 3:58 pm

What about Exploits codec specipficly for ReactOS.

Since what build number will ReactOS get security features?
There are no reported Exploits for ReactOS and i doubt there will be anytime soon. ReactOS is on going work, there is no "build with security" security features will be added in later versions.

0.3 doesnt even have a functional winlogon :roll:

0.3.1 does :wink:
Can you picture what could be? So limitless and free.. in need of your help ReactOS 0.4

Jaix
Moderator Team
Posts: 838
Joined: Sat Nov 27, 2004 3:40 pm
Location: Sweden, Växjö

Priority

Post by Jaix » Mon Sep 04, 2006 1:22 pm

It's much about priority actually, noone cares about sequrity in a system that isn't usable, but soon people is going to start using ROS for certain tasks and then the issue will be more interesting, but I guess security woan't be a priority until we go final or just before that.
When viruses and malware is starting to work as in windows we hope that the "anti-ones" are going to work too thus get all sequrity from 3rd party to do the trick.

Gimmi123
Posts: 16
Joined: Mon Sep 04, 2006 3:49 am
Location: Sposylvainia,VA
Contact:

Post by Gimmi123 » Tue Sep 12, 2006 2:22 am

samwise52 wrote:
What about Exploits codec specipficly for ReactOS.

Since what build number will ReactOS get security features?
There are no reported Exploits for ReactOS and i doubt there will be anytime soon. ReactOS is on going work, there is no "build with security" security features will be added in later versions.

0.3 doesnt even have a functional winlogon :roll:

0.3.1 does :wink:
We WILL need security features,I was browsing the screenshots of ReactOS and I was looking at the McAfee Stringer Tool and it foung like 4 viruses...

Here it is...


[img][img]http://images6.theimagehosting.com/mcaf ... ger.th.png[/img]
[/img]

samwise52
Posts: 119
Joined: Mon Oct 10, 2005 7:14 pm

Post by samwise52 » Tue Sep 12, 2006 5:08 am

WTF!!? where did those viruses come from!?

could they be false positives?
Can you picture what could be? So limitless and free.. in need of your help ReactOS 0.4

oiaohm
Posts: 1322
Joined: Sun Dec 12, 2004 8:40 am

Post by oiaohm » Tue Sep 12, 2006 12:30 pm

There are three basic rules if this does happen.

Number one all files detected as infected must be listed with what they where infected with.

Number two did not list reactos version this is kinda important if the system has been breached.

Number three No version of the McAfee Stringer Tool. So there is no simple way for Reactos people to double check and if just false postives report to MaAfee.

This information is normally even required when reporting to AV companys. Without there is nothing much I or anyone else can do about it.

I propose a format like this. Its simple neet
Reactos Version: <Reactos VERSION>
Application: <THIS CASE McAfee Stringer Tool>
Version of Application: <Version of application>
<Filename> <Virus>
Now please note testing any form of Anti-virus on any OS you normally intruduce harmless but detectable files. So screenshots are to be expected with it detecting stuff. I am most likely to use eicar test string.
It detects as a virus but is complete harmless.

Ok list of requirements for security should start entering the table at 0.3.1 - 0.4.0. Reason you cannot do alot of good security without two things. A filesystem to store secuirty attributes and a stablish OS.

EmuandCo
Developer
Posts: 4334
Joined: Sun Nov 28, 2004 7:52 pm
Location: Germany, Bavaria, Steinfeld
Contact:

Post by EmuandCo » Tue Sep 12, 2006 1:16 pm

Just add a OpenSource or Free AntiVirus and Firewall app to ReactOS Packet Manager. No need for more right now. Lets talk about this again when ReactOS reaches BETA Stadium.

Harteex
Posts: 224
Joined: Fri Nov 26, 2004 9:21 pm
Location: Sweden
Contact:

Post by Harteex » Tue Sep 12, 2006 2:19 pm

samwise52 wrote:WTF!!? where did those viruses come from!?

could they be false positives?
Just a theory but I would guess that the one who took that screenshot copied over a virus file to ROS on purpose just to test the AV app.

oiaohm
Posts: 1322
Joined: Sun Dec 12, 2004 8:40 am

Post by oiaohm » Tue Sep 12, 2006 3:13 pm

Status confirmed in Mailing list. Viruses were copied onto drive to test scanner. Not part of Reactos. Sometimes screenshots don't show what they seam to. Nothing more than a test.

Ferret-Simpson
Posts: 37
Joined: Thu Aug 31, 2006 3:38 pm

Post by Ferret-Simpson » Wed Sep 13, 2006 7:20 pm

|Cough| Reiserfs |Cough|

:wink:

oiaohm
Posts: 1322
Joined: Sun Dec 12, 2004 8:40 am

Post by oiaohm » Thu Sep 14, 2006 11:50 am

Ferret-Simpson there is a Windows Reiserfs Driver kinda stalled in development on sourceforge.net. Feel free to go and continual it to a point usable to reactos.

Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Post by Z98 » Thu Sep 14, 2006 3:55 pm

Just a thought, but the fact that certain antiviruses, say, Norton, actually attempt to modify the kernel, which I personally think is a bad idea, wouldn't that technically hamper installation on ReactOS? I know the kernel is attempting to be compatible with NT, XP, etc, but when we're going down that low, minor differences can easily throw off things.

Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot] and 5 guests