[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: anti-virus software for Gnu/Linux

[Please wrap your lines!  It makes it much easier to read, and thus more
likely that you'll get a response.  Anywhere between 70 and 80 is
acceptable; 72 seems to be a nice value.]

On Mon, Feb 02, 2004 at 08:51:03PM -0800, MJ Inabnit said
> Greetings:
> I have read several opinions regarding AV for Gnu/Linux.  The last one
> is Rick's rant
> <http://www.linuxmafia.com/~rick/faq/index.php?page=virus>.  However,
> the information is dated.
> So what is the opinion now-a-days?  I just read a post last week where
> a new Gnu/Linux user strongly advocates AV for all new users.  The

Windows users seem to have a fixation on anti-virus software.  The Linux
approach is to just not run crap random people send to you.  I have
never ever heard of a mail client aside from Outlook that will even let
you run executables emailed to you without at least displaying a
huge-ass warning.

The other important point is that Linux (and all Unices that I'm aware
of) do not consider something executable just because a file has a
certain extension.  To run a program, it has to have the +x permission
bit set on it, which (AFAIK, but I'm pretty damn sure) is impossible for
an email attachment to set.

> claim was something along the line of "What if I send you an Email
> with an executable attachment like [cd, rm -r]".  

Then you laugh at them and forward it to your linux-using friends so
they can laugh at the poster as well.  Unless you manually run that
script, nothing will happen.  Nothing at all.  Also, how could a
anti-virus scanner prevent you from running this?  A kernel module that
stops shell scripts from ever executing the "unlink()" syscall (what rm

> I still don't buy the claim that I need AV on my box, but I'm also
> very open to sound security advice.

Don't run crap random people send you.  Keep up to date with updates
from security.debian.org (when it's revived, anyway).  Read
debian-security-announce.  Brush your teeth.  Oh, and kudos for being
skeptical :-)

Rob Weir <rweir@ertius.org> | mlspam@ertius.org  |  Do I look like I want a CC?
Words of the day: terrorism interception Fidel Castro Aldergrove Consul Fat Man

Attachment: signature.asc
Description: Digital signature

Reply to: