Mailinglist Archive: opensuse (1956 mails)

< Previous Next >
Re: [opensuse] Re: Who said Linux doesnot get Virus infections
  • From: James Knott <james.knott@xxxxxxxxxx>
  • Date: Thu, 23 Aug 2007 10:18:21 -0400
  • Message-id: <46CD972D.6000607@xxxxxxxxxx>
Michael Skiba wrote:
Am Donnerstag, 23. August 2007 10:41 schrieb Joachim Schrod:
But, as you can read from the other answers to my post, these
results are obvioulsy dreamed by me and my customers pay for
nothing, because "every linux/unix/*ix box on the planet is not
owned by hackers and spammers while so many possible exploits
exist", as Ken Jennings put it so succinctly. No, no, no. "Every
...  is not owned" -- guys, now I've got it: There are *NO* owned
Linux boxes out there, none at all. You read it here, so it's true.
I should close down the part of my company that's testing and
securing linux/unix systems for my customers; it's not necessary.

Well, by public acclamation, I seem to be wrong, and rest my case.

It's true what he says, we've to face the fact, we're not invincible (yup, even if some of us like to to propagate). The fact that Linux/Unix structure is different to windows, doesn't make it unattackable, some things might be more difficult, right. But a desktop system is always vulnerable, user wants to have this comfort and pay the bill - same as in windows.

Something different might be on the side of the Server systems, where almost no user actions are taking part, it's rather difficult to exploit them(if maintained correctly).


Don't forget, there's two types of desktop. The home or small business user, where anything goes and the corporate desktop, where security is given significant consideration. Even "out of the box", Linux is vastly more secure than Windows. Now, get into the corporate world, where proper security measures are taken, there are other steps which further improve security. In addition to the previously mentioned items, one thing Linux supports is mounting separate partitions (may even be located on a server) on the file system, with appropriate mount options. This means that any directory containing executables can be mounted read only. Also, any partition containing user write-able directories can be mounted noexec, which means that even if an executable is installed, it will not run, no matter what the permissions say. There are many other methods in Unix & Linux, that combine to make them far more secure than Windows ever will be. For example, have you ever used a Windows app that requires admin privileges? If so, that means you've just opened up a security hole. In Linux, in the unlikely event that a user needs root permission, it's very easy to run only that one app and not affect anything else. Bottom line, there are far more barriers to security issues in Linux than in Windows. Please note, I'm not claiming it's perfect, just far more secure, even for a newbie user.



--
Use OpenOffice.org <http://www.openoffice.org>
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups