Re: OT: Linux Malware is possible? if it is :(


On Wed, Dec 02, 2009 at 02:48:09PM +0000, Michal wrote:
> If you think you're safe because you run Linux then please step away from
> computers. ...

Yes, but with qualifications.  The problem with Windows has
been, and generally is, that the user usually runs with elevated
privileges--compromise that user, you compromise the entire OS.
Microsoft tried (clumsily) to batten down that hatch with Vista--got
fried for it (among many other shortcomings), and with Windows 7 has
loosened security again, to the point the problem is back.

Linux (or Unix) isn't immune to any program that a cracker can get you
to run (Trojans).  What it *is* generally immune to is system-wide
corruption of the OS, since privilege separation is native to the OS
model.  That is, if you only run as user 'foobar', and are tricked into
running a trojan, YOU, as user foobar, are infested.  If security is
properly configured, you can't modify general OS files.

Now, there are caveats all OVER the place.  First, there are almost
certainly people out there who run as root.  All bets are off in that
case--they get compromised, the box is compromised.

Secondly, once you (as the bad guy) get a user to run something for you,
you can start poking at the system itself.  In this case, you're looking
for a flaw in the system security itself--either misconfiguration, or
an actual hole in some program or service that a normal user can run
or use.  Much harder than Windows, but such flaws have been encountered
in the past.  Failure on the user's part to maintain updates helps this
kind of attack; the probability of a zero-day or longer term unknown
flaw is low, and the Linux developer community is very responsive to
repairing security-related bugs as they're discovered.

SO--Linux provides a deeper level of protection through integral
privilege separation than Windows.  While no OS is unbreakable, the
barrier IS higher for Linux.

You can help it--run as an unprivileged user except when necessary.
Don't put in hacks that make it easy to elevate to root without a
password.  Maintain your updates.

Cheers,
--
	Dave Ihnat
	dihnat@xxxxxxxxxx

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
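
An added example, not part of the original post: a small audit for the habits the message above warns about (passwordless elevation to root, running as root, system paths a normal user can modify). The function names and the sample sudoers text are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Sample sudoers text is constructed.

# Print active sudoers rules that grant root without a password: NOPASSWD
# tags and "Defaults ... !authenticate". Whole-line comments are skipped and
# backslash-continued lines are joined before matching.
passwordless_rules() {
    awk '
        { line = pending $0; pending = "" }
        line ~ /\\$/ { sub(/\\$/, "", line); pending = line; next }
        line ~ /^[ \t]*#/ && line !~ /^[ \t]*#include/ { next }
        line ~ /NOPASSWD[ \t]*:/ || line ~ /^[ \t]*Defaults.*![ \t]*authenticate/ {
            print FILENAME ": " line
        }
    ' "$@"
}

# Print those of the given system paths the current user can modify. For an
# unprivileged account on a correctly configured system this prints nothing.
writable_system_paths() {
    for p in "$@"; do
        if [ -e "$p" ] && [ -w "$p" ]; then echo "$p"; fi
    done
    return 0
}

# Constructed sample: one commented-out rule, one normal rule, one
# continued NOPASSWD rule, and one Defaults line that disables authentication.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# bob ALL=(ALL) NOPASSWD: ALL
alice ALL=(ALL) ALL
carol ALL=(ALL) \
    NOPASSWD: ALL
Defaults:dave !authenticate
EOF

echo "Passwordless root rules in the sample:"
passwordless_rules "$sample"

if [ "$(id -u)" -eq 0 ]; then echo "This session is running as root"; fi
echo "System paths writable by uid $(id -u):"
writable_system_paths /etc /bin /usr/bin /etc/passwd
```

To audit a real machine, pass /etc/sudoers and the files under /etc/sudoers.d to passwordless_rules from an account that is allowed to read them.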
