antivirus & firewall για desktop linux [was Re: <άσχετο θέμα>]

Nick Demou ndemou at enlogic.gr
Fri Sep 28 19:51:22 BST 2007 

V.Fotiadis wrote:
> Το γεγονός ότι στο λίνουξ οι ιοι είναι σπάνιοι , κυρίως οφείλεται στην 
> αρχιτεκτονική του. Ένας ιός ή trojan λειτουργεί με αυτόματο τρόπο, 
> δηλαδή κάθεται στο σκληρό δίσκο σε κάποιο φάκελο του συστήματος, 
> εκτελείται και αναπαράγει τον εαυτό του. Γιατί σημβαίνει αυτό; Συμβαίνει [...]
>   
νομίζω ότι κάνεις λάθος - παραθέτω απο παλαιότερο σχετικό post που είχα 
κάνει στο groklaw:

Common misconceptions about Linux and viruses
---------------------------------------------------------
 >>> Viruses and Worms in a Linux Desktop!? Don't Ya know that the linux
kernel is a rock dude?!

Your system's security is as strong as it's weakest point. Linux the 
kernel is
trully very robust but Linux the X distribution is not just the kernel. 
If half
the users with a PC were using application Y daily and that application 
had a
design weakness then you have a door wide open for a virus. If the 
application
is directly connected to the Internet then you can say hello to worms also.

 >>> linux is immune because in most cases users work under regular
non-system accounts. The root account is heavily guarded. This way a 
virus/worm
will only have user-level-access to the system which is not enough to do 
serious
damage and to propagate

People that think like that have high experience in the server area 
where the
root account is indeed very important. This is not true in the desktop 
however.
If a virus/worm can read, write and delete all your personal data, can 
upload to
all ftp, samba, webdav, <whatever> shares, places and repositories you
have write access to and can sent emails and IMs using your accounts 
then it is
very *very* dangerous. (never mind that if you have access to the 
account of a
desktop user of a workstation it is usually very easy to obtain root 
access also
- easier than it is to obtain root access if you have access to an 
account used
by a daemon of a server system)

 >>> a virus/warm must be executed in order to do any harm. Unlike the
windows world in linux a regular-user can't give execute permitions to a 
file so
it is very hard for the virus/warm to execute it's code.

Almost every desktop Linux system has sh, perl, python and probably a 
dozen more
interpreters which will gladly execute any powerful script (read 
virus/worm) you
will pass them as a parameter.

More information about the Ubuntu-gr mailing list