Some thoughts about anti-virus software for Linux

Mario Vukelic mario.vukelic at dantian.org
Fri Jan 23 19:09:21 UTC 2009


On Fri, 2009-01-23 at 17:24 +0100, Florian Diesch wrote:
> During the installation some scripts are run as root.

Certainly

>  An attacker
> could use this scripts to compromise your system if he can make you to
> install a compromised package.

True, but if you install from compromised media and/or run untrusted
software with root privileges no anti-malware software can save you.

> Therefor it's important to use only trustworthy repositories and be
> careful if a package's signature can't be verified.

Very much so. And check you installation iso's md5sums. (Question: are
Ubuntu iso files GPG signed like the packages in the repos? They should
be)

> -----------------------------------------------------------------------
> **  Hi! I'm a signature virus! Copy me into your signature, please!  **
> -----------------------------------------------------------------------

How fitting. Quick, fire the AV scanners! ;)





More information about the ubuntu-users mailing list