Linux security

Daniel Carrera daniel.carrera at zmsl.com
Sat Apr 29 22:41:09 UTC 2006 

Lorin B Pino wrote:
> If the kernel is not a problem, then how many versions of firefox are 
> running.

Okay, I'll try to rephrase your argument for why Linux is less 
hospitable to viruses:

* Applications change faster. Exploits are changed faster.
* There is more diversity. Linux is good for the same reason that 
monocultures are bad, it decreases the rate of growth for the virus.

These are indeed good arguments.

> Maybe this is totally wrong, but I do believe the different distros do 
> things differently, and it would possibly affect the performance of a 
> virus.

It's not hard to make a stand-alone program that runs on all distros. 
Especially when it's a small program. But the diversity argument comes 
in because the virus might need an exploit to enter your system in the 
first place. For example, if one version of Thunderbird executes 
attachments automatically (including a chmod +x) then the virus would 
depend on that version of Thunderbird to enter your system. But once 
it's inside, the differences between distributions are very unlikely to 
matter at all.

> Some distros place programs or config files under different 
> names, or in different areas of the tree, so a virus would have to be 
> able to find them in different places for different distros.

Thanks to the LSB, the core system files (which are the ones the virus 
might possibly care about) are pretty standarized. But trying a few 
standard paths is not going to stop a virus, this isn't much work 
really. But other differences (e.g. choice of applications) could have a 
significant effect (mostly by reducing the opportunity for the virus to 
spread).

> I only know that I have not had a virus in two years of linux use.

:-)  I haven't had a virus in 8 years.

> Thanks for bringing up the topic!

Thank you for your comments. You brought up good points, I hope you 
don't mind that I tried to refine them a little.

Cheers,
Daniel.
-- 
      /\/`) http://opendocumentfellowship.org
     /\/_/
    /\/_/   ...and starting today, all passwords must
    \/_/    contain letters, numbers, doodles, sign
    /       language and squirrel noises.

More information about the ubuntu-users mailing list