On 2008-07-13T16:48:03, John Andersen
It's true that a traditional system setup has difficulty in spreading viruses, but against trojans the system is just as vulnerable; and local root exploits are not that rare, either. Why do you say the system is just as vulnerable against/to trojans
Trojans usually involve a replacement module for a system module. To get a trojan to work on linux, you have to: 1) Convince someone to download it, 2) put it in the path (usually ~/bin) 3) mark it executable
Binary trojans, if downloaded, are the same - if the user downloads and installs a binary from some untrusted source, they are vulnerable. That we don't see so many of those happening appears to be more of a social line of defense (users not as stupid and prefering to use "official" repos) than a technical one. For trojans in openoffice documents for example, I'd dare say that technically, that's just as vulnerable as on Windows.
Local root exploits generally require the same. You have to get something to execute before it can exploit any pre-existing root weakness.
True. But weaknesses exist in webbrowsers, and we've had exploitable PNGs, flash, java, ... Sure, Linux is good, but it's not perfect, and I think we should not rest on our achievements, but need to be careful to stay ahead. Regards, Lars -- Teamlead Kernel, SuSE Labs, Research and Development SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) "Experience is the name everyone gives to their mistakes." -- Oscar Wilde -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org