On Friday 24 March 2006 08:41, Andre Truter wrote:
Also correct, but it DOES mean that the weaknesses and types of malicious software are very different and should be treated in a different manner.

Agreed ... my own sentiment is that the word "Virus" should not be used at all on Linux systems. I find the word "lame".
A virus as we define it (a malicious program that embeds itself in a system and then replicates itself and distributes itself to other systems) does not have a good chance of survival on Linux.

Backdoors have been notorious in Unix systems. I've got one notorious one in mind, that was embedded into the C compiler itself when compiling "login.c". And creating a system that "erases" itself is not that uncommon either. Creating a "software" package that does "propagate" some controlling structure, that will ensure the "removal" of the software after a specific date, for example.
Fact of the matter is that the "professional" community was using these kinds of features long before Windows was born, or became popular. An example of such a structure built into a system was the Atari ST system, which would scan for a specific byte sequence on an even RAM address on warm reboot, and execute that block if it found it. This was built into the ROM BIOS itself.
Viruses are not a big threat to a Linux system, due to its design; you are more likely to be compromised by an actual person breaking into your system.
Has little to do with the design of the system. It has a lot more to do with how the Linux community is, as in open source and regular updates. A program pretending to be the "bash" shell, for example, is not going to live long, because it's going to be removed and reinstalled pretty regularly. And trying to put something inside a ".profile" script or similar is likely to be discovered, as most Linux users are enthusiasts that are fiddling with these things all the time. As in this community, source code is likely to be scrutinized by many, especially on volatile systems.
It is no use helping newbies to go ghost hunting for a 1% threat while they are totally oblivious to the real threats. We should help people to rather focus on the real threats.
Unix has never strived to be "Idiot proof", like Windows and Mac do. Nor do I think the "Idiot proof" strategy should be deployed at all. My personal sentiment here is that the user her/himself is responsible for the security of their data. And in environments where security is of special interest, some security enhancements such as SELinux with role-based access are proper.