Re: Does Linux have viruses?

To: Debian-edu <debian-edu@lists.debian.org>
Subject: Re: Does Linux have viruses?
From: Herman Robak <herman@skolelinux.no>
Date: Sat, 04 Dec 2004 17:32:32 +0100
Message-id: <[🔎] 1102177952.17466.579.camel@pc058.qadoc.oslo.opera.com>
In-reply-to: <[🔎] 20041204104040.GB13759@siisu.kleppe.newton>
References: <[🔎] 20041203230754.GA8594@siisu.kleppe.newton> <[🔎] 41B0F6E1.5010701@ntlworld.com> <[🔎] 20041203235246.GC8594@siisu.kleppe.newton> <[🔎] 1102127841.17463.510.camel@pc058.qadoc.oslo.opera.com> <[🔎] 20041204104040.GB13759@siisu.kleppe.newton>

On Sat, 2004-12-04 at 11:40, Conrad Newton wrote:

> I agree that is bad policy to run X, read e-mail, etc. as root.
> 
> My only point was that such activities are not dangerous in and of
> themselves, unless there exists a vulnerability.  If there *is* such 
> a vulnerability, then also the ordinary users may suffer. 

 But the scope of the damage is somewhat limited.  Security is
not all-or-nothing.  Being unable to compromise system files and
installed programs is a very important feature.

>  So reading your mail as herman may protect the system,
> but it will not protect you, nor will it prevent the virus
> from being re-transmitted.

 True.  This is where Linux is lacking today.  You can do many
bad things without compromising system files.  Propagating 
malware over the network is one of them.  Exposing or deleting
your private, sensitive (and confidencial?) data is another.

> And I am *not* going to blame you for reading your e-mail!
> I am sick and tired of people who blame the user for opening 
> attachments to his/her mail---why don't we put the blame 
> where it belongs?
> On the vulnerable programs.

 On Linux, I would agree.  On Windows, I would not.

If you use Windows, you just have to know that the system
does not Do What You Mean when it comes to malware/spyware,
and act accordingly.  That's just the sad state of affairs.
It usually Does What You Say (after you have been conned).
Of course, a system that very often does not Do What You
Mean is not really useable.  If you want something useable,
get a Mac!

 The NT family of Windows has file permissions.  But only
system administrators use them.  Programs _can_ use them,
but don't, because it would be a support hell: "I click on
this file I downloaded, and I get this error message.  I
then click OK, and nothing happens."  Windows users never
expect anything like "permission denied" on their own
computer.  It would baffle them, annoy them, and be a 
total show-stopper.  So NT/W2K/XP have file permissions,
but do little to expose them in the GUI.

 On Unix, the programs save files to disk with the default
permissions.  That means a file will not have the executable
bit set, unless the program explicitly asks for it.  Unless
the program is a compiler, that would be a Really Bad Idea,
so your mail program won't.
 This, it is not the applications that save us from
executing attachments.  It's the system.  And there may
be ways to subvert this.  E.g. if the attachment is an
archive, where file permissions are preserved.

 Final rant: Whatever the user interface pundits may say
about "open" and "run" being equivalent, don't listen!!!
It makes a hell of a difference whether that attachment
is supposed to be "run" (executed) or "opened" (displayed)!

-- 
 Herman Robak

Reply to:

Follow-Ups:
- Re: Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>

References:
- Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>
- Re: Does Linux have viruses?
  - From: Ben Higginbottom <ben.higginbottom@ntlworld.com>
- Re: Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>
- Re: Does Linux have viruses?
  - From: Herman Robak <herman@skolelinux.no>
- Re: Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>

Prev by Date: Re: Does Linux have viruses?
Next by Date: Re: Does Linux have viruses?
Previous by thread: Re: Does Linux have viruses?
Next by thread: Re: Does Linux have viruses?
Index(es):
- Date
- Thread