l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2002 Apr 24 22:22

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linux's Vulnerability to E-mail Viruses
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linux's Vulnerability to E-mail Viruses



On Wed, 2002-04-24 at 21:21, Richard S. Crawford wrote:
> I'm operating under the assumption that while viruses for Linux that
> spread like Windows viruses are very rare, there are still some out
> there.
> 
> So, given that, what level of vigilance is necessary against incoming
> viruses in a Linux system?

Viruses for Linux exist, but are rare.  E-mail viruses, as per your
subject line, don't exist at all (yet).  This is because Windows has
default settings which will actively run any scripts embedded in HTML
mail, which means that as soon as you read your email, that embedded
script can run, say, an attached executable with massively destructive
capabilities >:] >:] >:]

...Linux has no problems of this sort, for the simple reason that nobody
has been stupid enough to write mail clients which are capable of
automatically running executables.

However, if you have an attachment which is some sort of script, or is a
file which takes advantage of a buffer overflow, etc. it could still do
damage if you have mailcap settings which will automatically run it or
load it into an insecurely buggy program - that latter, however, is
extremely unlikel - still, with the zlib buffer problem that was
recently discovered, such things are certainly not impossible.  So, the
rule for Linux is basically the same as for Windows:  never view
attachments when you don't know the source.

But, as to Linux viruses in general: the reason they are so rare is that
they are not very effective unless the victim is unusually moronic. 
Because they can only do damage to things over which the victim has
privileges.  If you're an average joe-type user, the best it can do is
wipe out your particular files.  It can't touch anybody elses files, and
can't screw up your system, generally speaking.  Most of the "viruses"
around today aren't really viruses at all - they're trojans, which
require the user to run them as root (or at least a very priveleged
user).  Since root tends to be suspicious (hopefully) of strange
programs, such problems are rare indeed.

-Micah

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.