Linux security

[Lorin B Pino]

Daniel Carrera wrote:

> Alan McKinnon wrote:
>
>> The hard part with a Linux virus is not writing it, it's *deploying* it.
>
>
> Okay, why are they harder to deploy? You're just nit-picking on terms. 
> The point is trying to figure out if Linux is less vulnerable to malware.
>
>> A possible solution is to overhaul the OS in such a way that data 
>> files can be tagged as writable only by specified apps i.e. only 
>> *this* signed copy of OO.o can write to *that* .odt file. I really 
>> don't think this is workable, the admin burden and inconvenience will 
>> be large.
>
>
> SELinux to the rescue?
>
> Cheers,
> Daniel.

The problem with deployment of viruses in linux would be the same 
problem as is being discussed with hardware drivers.  How many kernels 
are in use now?  How does each distro perform certain tasks?  Some 
distros structure things quite differently from each other.  I am 
currently running CentOS 4.2 (I am on this list to see what problems I 
may run into before trying ubuntu), and I installed an autopackage 
version of abiword.  Autopackage is trying to set up an installer that 
will work on any distro, but they are having trouble making it work with 
debian and it's derivatives.  I am assuming that virus writers would run 
into the same problems.  Viruses in the windows world usually target a 
certain release of windows, IE, or OE.  If someone wrote a virus that 
was 100% effective on RHEL3, Would that virus be able to run on my SUSE 
9.2, CentOS 4.2, or Mandrake 9.1?  My _opinion_ is that until there is 
more similarity between distros, or a particular distro starts to 
dominate the linux market, it would be difficult to write a virus that 
will have a very wide spread effect.  After all, a virus is just another 
program.
~Lorin