[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Does Linux have viruses?

>From Herman Robak on Saturday, 2004-12-04 at 03:37:21 +0100:
> On Sat, 2004-12-04 at 00:52, Conrad Newton wrote:
> > >From Ben Higginbottom on Friday, 2004-12-03 at 23:29:37 +0000:
> 
> > > Someone with root access to a box logged direcly 
> > > into it as root, and then used evolution to read their 
> > > emails and was infected.
> > > In other words, the user screwed up.
> > 
> > Root access is dangerous of course, but normally I would not
> > blame the user for reading their e-mail!
> 
>  Normally, on Linux, we DO blame the user for reading their
> e-mail _as root_!  Running X as root is considered questionable.
> Maybe distros should do as Skolelinux does on the thin clients:
> Probihit graphical root login.  They you have to use "su" or
> "sudo".  I think sudo could me more used.

I agree that is bad policy to run X, read e-mail, etc. as root.

My only point was that such activities are not dangerous in and of
themselves, unless there exists a vulnerability.  If there *is* such 
a vulnerability, then also the ordinary users may suffer.  So reading 
your mail as herman may protect the system, but it will not protect you,
nor will it prevent the virus from being re-transmitted.

And I am *not* going to blame you for reading your e-mail!
I am sick and tired of people who blame the user for opening attachments
to his/her mail---why don't we put the blame where it belongs?
On the vulnerable programs.

>  The way Linux distros always make the user create a user account
> and a root account (Ubuntu Linux foregoes the root account, and
> promotes sudo, BTW) is essential.  The fact that it does not
> provide a very easy way to make the normal user a member of an
> "admin" group is also essential.  That is something a user would
> do, if he was offered a convenient way to do it.  Instead, he is
> forced to use sudo or su once in a while.
> 
>  For now, this makes Linux fairly secure.  Not because it
> really is, but because the competition is so much worse.
> 
>  I don't think this will be quite enough.  Linux will gain
> features that make more and more things happen "under the
> hood", without user interaction.  And a larger and larger
> portion of the user base will be completely oblivious as to
> what really goes on.

Right, this is also my worry . . .

>  Security Enhanced Linux could lock things down so that 
> e.g. your mail client could not do all the dangerous stuff
> you yourself are allowed to do.  The problem with that is
> configuration, documentation, user interface and support:
>  The tools are arcane, not that widely used and most Unix
> people still only know how to deal with the old permission 
> matrix (d)|rwx|rwx|rwx.  Slick and powerful KDE and GNOME
> GUIs exposing all the power of SE Linux is a must; without
> it SE Linux will not become the baseline.

Right again.  This is probably the way to go, but it will
take years to gain acceptance.

Conrad
Reply to: