trojan problem
Anders Karlsson
trudheim at gmail.com
Fri Jan 27 12:42:40 UTC 2006
On 1/27/06, albi <albi at scii.nl> wrote:
> On Fri, Jan 27, 2006 at 11:31:00AM +0000, Anders Karlsson wrote:
>
> > Linux is not invulnerable to virii, and there are hundreds of virii
> > for Linux,
>
> really ? where did you find/read/hear this information ?
When I took the in-house Virus Course... Two months ago now or so.
> > they just do not spread so easily. Because Windows has a
> > much larger install base, and usually less cluefull users, virii
> > writers targets Windows because the reward is bigger.
>
> i don't know about the latest MS-windows versions but in the past
> the difference between admin (root) and normal users was non-existing
> in MS-windows, which is one reason that viruses can take down a whole
> MS-windows machine
The fundamental design-flaws aside, when an OS has 80-90% market
penetration, that is the OS that will be targeted the most by virii
authors.
> in linux there has always been a very strict difference between root
> and normal users, if a user would come across a virus it would not take
> control over the whole machine
And? If you run a service that drops root privilege at startup, but
has a remote exploit hole, an attacker can get in, then it is a matter
of finding ways to locally escalate authority, through kernel buffer
overflows etc. Granted, that takes time, effort and know-how, but it
can be done, and it is done. Sticking ones head in the sand will not
work in this instance. If it were Linux with 85% market penetration,
we'd all see a *lot* more virii for Linux.
--
Anders Karlsson <trudheim at gmail.com>
More information about the ubuntu-users
mailing list