[MLB-WIRELESS] Virus risks on Linux?

Steve Wright paua at quicksilver.net.nz
Wed Oct 9 09:50:58 EST 2002 

Tony Langdon wrote:

>>A question to throw into the linux and open source user circle...
>>Is linux as much at risk to virus' as Windows, etc?
>>
>
>I think the answer is "yes and no".  Linux is less susceptible to the
>"scripting" type viruses and worms that plague Windows, because Linux
>software tends not to have as much emphasis on automagically doing
>everything when you open an email, whereas Windows (especially Microsoft)
>software has a lot of automatic scripting capabilities, which viruses and
>worms can tap into.  The Outlook preview pane is a classic example of this
>in action.
>

not true.  Standard RedHat 7.3, by default, has way more scripting 
languages than windows will ever have.

Also, functionality of mail readers for Linux approaches, and in some 
areas surpasses what windows offers.

The difference is - scripting langauages for Linux are 'abstracted' from 
the operating system, making it difficult to wreak any real harm, 
whereas in windows these scripting languages are a fundamental part of 
the O/S, and therefore have read/write permission for everything.  This 
is a foolish scenario of course as any virus writer has free-run of the 
system once he is past the initial hurdle - getting the email onto the 
users' desktop.


>
>Linux users also tend to run their end user apps as a non root user, so the
>amount of damage a traditional virus can do is usually quite limited and not
>system wide (unless the virus can exploit a local root hole on a system
>binary).
>

It is daft to run *any* program as root, unless it is gauranteed secure 
- which it rarely is, hence the regular 'vulnerabilites' type updates we 
see for Linux distros.

"end user" software *never* runs as root unless  a. the system is not 
connected to *any* network,  b. you are happy with destroying your 
system with a single typo (done it 3 times myself)  or  c. you just like 
living dangerously.

of course, as you suggest, non-root processes have a very limited 
opportunity to do harm.

>
>For a pure Linux environment, there's no real need for a traditional virus
>scanner.... yet.  That may change one day, if more virus writers target
>Linux.
>

agreed.  I think the hax0r community will be less inclined to destroy an 
open-source operating system.  Many folks (even non-crackers) consider 
microsoft to be equivalent to the tax-man, and could not care less if 
microsoft were targetted.  Linux is a community-owned system, and is 
less likely to be actively targetted.

I have run Linux for 3 years or so (no windows in our house) I have 
never been touched by any virus/attack/anything, and I'm on the net 24/7.
I have *recieved* a few viruses, but simply deleted them.. <shrug>

viruses, today, are irrelevant to Linux.


/sw

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wireless.org.au/pipermail/melbwireless/attachments/20021009/18647a24/attachment.html>

More information about the Melbwireless mailing list