Some thoughts about anti-virus software for Linux
Mario Vukelic
mario.vukelic at dantian.org
Fri Jan 23 19:09:21 UTC 2009
On Fri, 2009-01-23 at 17:24 +0100, Florian Diesch wrote:
> During the installation some scripts are run as root.
Certainly
> An attacker
> could use this scripts to compromise your system if he can make you to
> install a compromised package.
True, but if you install from compromised media and/or run untrusted
software with root privileges no anti-malware software can save you.
> Therefor it's important to use only trustworthy repositories and be
> careful if a package's signature can't be verified.
Very much so. And check you installation iso's md5sums. (Question: are
Ubuntu iso files GPG signed like the packages in the repos? They should
be)
> -----------------------------------------------------------------------
> ** Hi! I'm a signature virus! Copy me into your signature, please! **
> -----------------------------------------------------------------------
How fitting. Quick, fire the AV scanners! ;)
More information about the ubuntu-users
mailing list