lemm.ee

-15 points

1 year ago

I don’t use Windows but if you install a program that requires a service on Linux, the service will be written to your system’s services daemon awaiting your activation. I don’t see what the issue with that is.

report

[ - ]

citytree@lemmy.ml

8 points

1 year ago

What’s to stop the installer on Linux from configuring the service such that the service always runs on boot? e.g. systemctl enable malware.service.

report

[ - ]

-8 points

1 year ago

You still need to manually enable the service. The configuration of the service has zero effect on its activation or lifecycle.

report

calm.like.a.bomb@lemmy.dbzer0.com

[ - ]

8 points

1 year ago

Huh? Any script can create a service, enable it and then start it. What would make you think the brave package (or just the application itself) can’t do this?

report

[ - ]

-7 points

1 year ago

Not possible to start or enable a created service without user intervention. You don’t know what you are talking about.

report

[ - ]

Ferk@kbin.social

10 points

1 year ago

Systemd “enabled” services are literal symlinks… whenever a target runs, it tries to start also all the service files on its “wants” directory.

You can literally enable any service for next boot by making a symlink in /etc/systemd/system/multi-user.target.wants/ (or whichever other target you want it to run on) as root (and installation scripts are run as root).

ln -s /usr/lib/systemd/system/whatever.service  /etc/systemd/system/multi-user.target.wants/whatever.service

report

[ - ]

0 points

1 year ago

This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

report

[ - ]

6 points

1 year ago

Deleted by creator

report

[ - ]

-1 points

1 year ago

Bruh you just ran the command to enable the ‘written’ service. Comprehension is a problem in this community.

report

calm.like.a.bomb@lemmy.dbzer0.com

Show more comments

[ - ]

5 points

1 year ago

OK… challenge accepted. Maybe you don’t know about systemd user services.

Content of mytrojan.sh:

#!/usr/bin/env bash

echo "Writing the service unit file"

cat > ~/.config/systemd/user/my_test_service.service &lt;&lt; EOF
[Unit]
Description=Script Daemon For Test User Services

[Service]
Type=simple
User=
#Group=
ExecStart=/home/user/bin/myscript.sh
Restart=on-failure
StandardOutput=file:%h/log_file

[Install]
WantedBy=default.target
EOF

echo "Reloading systemd for the user"
systemctl --user daemon-reload || exit 1

echo "Enabling and starting the service"
systemctl --user enable --now my_test_service.service

Content of myscript.sh:

$ cat ~/bin/myscript.sh
#!/usr/bin/env bash

while true
do
    now=$(date)
    me=$(whoami)
    echo "User $me at $now"
    sleep 10
done

Now run the script (mytrojan.sh) and check service status after that:

$ ./mytrojan.sh
Writing the service unit file
Reloading systemd for the user
Enabling and starting the service
$ systemctl --user status my_test_service.service
● my_test_service.service - Script Daemon For Test User Services
     Loaded: loaded (/home/user/.config/systemd/user/my_test_service.service; enabled; vendor preset: ena>
     Active: active (running) since Thu 2023-10-19 12:15:21 EEST; 6s ago
   Main PID: 1666383 (myscript.sh)
      Tasks: 2 (limit: 18757)
     Memory: 556.0K
        CPU: 4ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/my_test_service.service
             ├─1666383 /bin/bash /home/user/bin/myscript.sh
             └─1666387 sleep 10

Oct 19 12:15:21 tesla systemd[1866318]: Started Script Daemon For Test User Services

report

[ - ]

-3 points

1 year ago

You failed. This requires the user to run a script aka manual intervention.

report

Show more comments

[ - ]

Possibly linux@lemmy.zip

3 points

1 year ago

Linux doesn’t have “installers” as Linux uses package managers. The only way you can get malware is if you manually add a bad repo.

So it doesn’t really matter in the long run

report

GlitzyArmrest@lemmy.worldOP

[ - ]

1 point

1 year ago

Deleted by creator

report

[ - ]

AtmaJnana@lemmy.world

0 points

1 year ago

Linux doesn’t have “installers” as Linux uses package managers. The only way you can get malware is if you manually add a bad repo.

Are you really serious making this claim? lol.

report

[ - ]

Possibly linux@lemmy.zip

1 point

1 year ago

Yes, prove me wrong. As long as your running a up to date system there shouldn’t be anything that could be easily compromised.

report

[ - ]

AtmaJnana@lemmy.world

0 points

1 year ago

I’ve been using Linux (and UNIX) professionally since the kernel version started with a “1.” I have no need to try to prove anything to you. Linux has installers other than just those invoked by a package manager, and it is laughable that you claim otherwise.

report