
Re: Does Linux have viruses?



On Sat, Dec 04, 2004 at 11:53:30AM +0100, Conrad Newton wrote:
> From Finn-Arne Johansen on Saturday, 2004-12-04 at 02:33:30 +0100:
> > On Sat, Dec 04, 2004 at 12:07:54AM +0100, Conrad Newton wrote:
> > > While it is clear that it is *much easier* to write viruses for Windows,
> > > it does not seem altogether *impossible* that it could be done for
> > > Linux, too.  Unfortunately, "much easier" is not easy to quantify, and
> > > therefore open to dispute!
> > 
> > Yes, I've heard (rumors) about viruses that will attack Linux. But
> > let's start the other way around.
> > 
> > Let's start with personal experience:
> >
> > <long discussion of server security>
> > 
> > Lesson learned: 
> > - Don't run services you don't need available from the outside.
> > - Security patch as soon as the patch is available. Set your servers to
> >   check for patches at least once a day.
> > 
> > Okay, what about if I don't have anything open to the outside - then I'm
> > safe?
> 
> Right, this is the issue I care about.  We know that servers are
> problematic, but suppose I have a family situation (no hostile users,
> only ignorant users), operating behind a well-configured firewall . . . 
> how safe are they?
> 
> > - Well, you have the users on the inside. They may compromise your
> >   system, for not so long ago there was a bug that would cause the
> >   kernel to lock up 100% of the kernel. BTW I think
> >   debian-edu/Skolelinux was one of the first "distros" to patch this
> > - The web browser could have a bug in the way it handles some pictures
> >   that could make it possible to execute an app and start a
> >   hole/backdoor
> > 
> > Still here the cure is Update with the latest security patch as soon as
> > it's available.
> 
> This is a hostile user scenario.  What if there are no hostile users?

No, even if there are no hostile users, there could be some bug in an
application that fetches things from the outside. Apps such as
mozilla, opera, konqueror fetch things from the outside. And there
have been bugs in libraries that handle png that could cause execution
of some code that could lead to something. I think even lynx and mutt
could have such code, but I don't think they have. As long as you get
something from the outside, it doesn't matter if it's mail or webpage or
image or whatever, there could be some sort of weakness in the app that
fetches this, and that weakness could lead to an open hole or execution
of some code that in turn could be misused. But this is something that
could happen to both closed and open source.

-- 
Finn-Arne Johansen 
faj@bzz.no
http://bzz.no/


