Re: Clamav

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2010-04-16 at 19:43 -0700, jdow wrote:
> From: "Patrick O'Callaghan" <pocallaghan@xxxxxxxxx>
> Sent: Friday, 2010/April/16 16:51
> 
> 
> > On Fri, 2010-04-16 at 13:47 -0700, jdow wrote:
> >> From: "Patrick O'Callaghan" <pocallaghan@xxxxxxxxx>
> >> Sent: Thursday, 2010/April/15 13:31
> >>
> >>
> >> > On Thu, 2010-04-15 at 13:02 -0700, Michael Miles wrote:
> >> >> Is Fedora really that secure?
> >> >
> >> > Even if we limit the discussion to email viruses, that's a very complex
> >> > and difficult question (to which the answer is "yes" :-). It's not an
> >> > attribute exclusive to Fedora as such, but to all Unix-based systems,
> >> > mainly for three reasons:
> >> >
> >> > 1) The mail client isn't running as root.
> >> > 2) Even when running as root, Linux mail clients won't blindly execute
> >> > attachments.
> >> > 3) Even for executable attachments, the virus is written for Windows 
> >> > and
> >> > won't run on Linux.
> >> >
> >> > Of course it's in principle possible to get past all the above 
> >> > barriers,
> >> > so *in theory* you can have a Linux virus, assuming the user is stupid
> >> > enough to run an unknown executable. As I say, I've never seen one in
> >> > the wild.
> >> >
> >> >> I come from windows and I am amazed at how not secure windows is.
> >> >
> >> > See (3) above. Most viruses are written for Windows as it's the most
> >> > popular platform. MS likes to pretend that's the only reason it gets 
> >> > all
> >> > the grief, but there are other factors.
> >>
> >> Patrick, the best AV tool of all is a savvy user given the number of
> >> social engineering attacks of late. And, at least historically, 'ix users
> >> have been quite savvy about security. That makes a huge difference. A
> >> single mistake running something you should not have because it looks
> >> important can bust your whole day. Based on the security forums I read
> >> I'd not consider Linux bullet-proof "today" - kernel null pointer
> >> dereferences and mmap are your enemy du jour.
> >
> > Again, you're answering the wrong question. This thread is not about the
> > general security or otherwise of Linux. It's about vulnerability to
> > viruses.
> 
> If you are being picky regarding "virus", "trojan", etc then begone little
> boy, you bother me. It does not matter one bit the means of transmission
> if the system is compromised in a manner than a piece of what is
> conventionally called "anti-virus software" would have prevented the
> problem?

Which of the vulnerabilities discussed on the kernel list is
communicable via an email message in such a way as to compromise the
security of the target system without manual intervention on the part of
its user? Please be specific.

poc

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux