Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Mepis and Fedora, also Mandrake and SuSE PC-BSD Mint Solaris 11 express
Posts: 385
Rep:
Viruses-- Linux???
Quote:
Originally Posted by acid_kewpie
Linux has plenty of threats, including viruses. Don't be so complacent, it never makes anyone look good.
There is, to the best of my knowledge, no case of a Linux virus in the wild outside of a lab setting. Unless you run as root on the web all the time, you can't even hypothetically get a virus in Linux. Of course, you can have someone physically access your computer or intercept something you send unencrypted over wireless. Encrypting your hard drive such as with Fedora is an awfully good idea.
Name ONE wild Linux virus that was on the news..... anyone??
It's not about being "in the news", it's just factually wrong to say there aren't any viruses, and seeing as how I'd take such a crude usage of "virus" to also cover root kits etc, it's a very foolish thing to say. And also, this is more than likely to be spam, so we're bother wasting our time ;-)
Last edited by acid_kewpie; 01-31-2012 at 06:17 AM.
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 386
Rep:
Quote:
Originally Posted by trutmarkss
i use linux because there has no virus like windows. hehe windows operating system is hell.
Umm.. there are no viruses on Linux for the same reason there are no professional video games on Linux. Its because Linux has less the 1 percent of the entire worldwide desktop market and viruses require some serious engineering effort. Why would a virus developer want to bother with such a tiny market. They wouldn't.
If Linux continues to grow then you will absolutely, positively see viruses on Linux.
Don't be lame and suggest that somehow Linux has some magical power to fend off malware.
Unless you run as root on the web all the time, you can't even hypothetically get a virus in Linux.
Despite being very unlikely, hypothetically it is possible to get a virus when not being root. You "just" need a virus that can take advantage of two unknown/unpatched security holes, namely one in your browser that enables the virus to start a shell and a second one that in any installed software that is executable by the user to elevate to root.
As stated, very unlikely, but not impossible. And that is only for viruses. When it comes to trojans, think of all the, sometimes really obscure, third party PPAs for Ubuntu and derivatives.
A virus doesn't need root access. Regular user (usually) has access to networking and storage devices, so actually you may become a host for some worm etc. But, it'll have problems infecting other users' profiles.
What is the real problem for viruses is the variety: every distro has slightly different kernel and software versions, different files layout etc.
Distribution: Mepis and Fedora, also Mandrake and SuSE PC-BSD Mint Solaris 11 express
Posts: 385
Rep:
These viruses are lab creations. Besides, you do in fact need to be root to install any software at all. However, the use of sudo which allows users to install things without the root password in some cases could be a weakness which could be exploited in the future. Therefore, unless you are doing something which requires root's permissions, don't run as root. Whether or not you are using a gui, IMHO, isn't all that important so long as you aren't root unless you have to be. It is also best to not go online as root unless you absolutely need to do so, for example installing updates or testing a repository. Remote logins are also a big no-no as well.
Each distro is different enough that malware directed at one wouldn't work on others that weren't related to it. These things exist in the laboratory. The article itself states that the threat that they pose is minimal. To make matters worse, even the same distro might not use the same installer. If someone uses yum to update Fedora, for example, while another user uses kpackagekit, it is doubtful that the same virus could attack both even if they are the same distro with identical repositories. Likewise for 32 bit and 64 bit editions of Linux as well.
The main issue with Linux and viruses is that Linux can be a carrier for a virus that can infect M$ without being at risk itself. Linux viruses just don't spread in the wild. Usually in the lab, they are installed by physical access to the system in question. How for example would a virus built to hit a Mandriva system distinguish it from SuSE and therefore know enough to attack it? How would it know who was foolishly running as root online and who wasn't? I guess if you are root and something pops up and says will you install me and you didn't ask for it, the answer is always "no"... if it gets there at all.
With Windows, they are all pretty much the same. They have one desktop, one repository and only a few variations, 32/64 bit, 7/Vista, XP/2000. The servers can also run any program that the clients can in most cases. 7 and Vista also have a compatibility mode whereby they can run programs intended for XP and 2000 or even 98. To make matters worse, M$ users aren't all that proficient & may not even care if there are 1 or 2 viruses on the system so long as it appears to behave normally. Windows is also very automated and installs or removes applications without notifying the user. "Quiet" installs are the norm rather then the exception. Updates appear automatically and can even be set by the administrator account to install themselves... forever !!
Games do exist in Linux. Many of the older video games have been ported over to Linux with slight changes to the name in some cases. Wine and Cedega can run some of the M$ video games as well.
Besides, you do in fact need to be root to install any software at all.
Wrong I'm afraid. You can install SW, eg download/use a tgz (ie src code) pkg and change the Makefile cfg settings to use eg ~user/bin instead of /bin etc ...
As an example, there are plenty of HOWTOs on the web on how to install your own copy of Perl, away from the system install.
Distribution: Mepis and Fedora, also Mandrake and SuSE PC-BSD Mint Solaris 11 express
Posts: 385
Rep:
Not really, don't you need the root password to unzip a file to any /bin or /sbin folder anywhere as well as to make it executable in a /bin directory? I thought SE-linux would do that if you said so. To unzip to /bin or /sbin regardless of what directory it resides in I need to run dolphin as root. The same is true to make it executable.
Last edited by mdlinuxwolf; 02-01-2012 at 10:02 PM.
If the target dir is owned by root only, then of course. When I said ~user/bin I should have said ~<user>/bin ie user's home dir eg /home/fred/bin......
Of course if a prog needs to be root to run, then installing in your home dir as you won't help.
Basically, 'it depends' ....
Umm.. there are no viruses on Linux for the same reason there are no professional video games on Linux. Its because Linux has less the 1 percent of the entire worldwide desktop market and viruses require some serious engineering effort. Why would a virus developer want to bother with such a tiny market. They wouldn't.
If Linux continues to grow then you will absolutely, positively see viruses on Linux.
Don't be lame and suggest that somehow Linux has some magical power to fend off malware.
The significant part of your post is the bit about 1% (Arguable!) desktop share. There's a damn sight larger share for server markets. Would pwning a server not reap more benefit than a desktop machine? I think it would. Still, there are very few theoretical and practically no in-the-wild Linux viruses.
Would pwning a server not reap more benefit than a desktop machine?
A server usually has some skilled person "taking a look at it" once in a while. Targeting desktop machines running some popular system, can give you control of MILLIONS of machines. And their users can't even tell (as long as google and facebook works).
A server usually has some skilled person "taking a look at it" once in a while. Targeting desktop machines running some popular system, can give you control of MILLIONS of machines. And their users can't even tell (as long as google and facebook works).
Pwning a server (Especially a Linux server!) is worth more than a botnet of Winblows PCs for a few reasons.
- Bragging rights
- Servers are generally more powerful in terms of onboard grunt and available bandwidth than PCs so your bad guy's emails about little blue pills get sent that much quicker and in greater volume.
- Your bad guy potentially has access to a lot more personal details/bank accounts etc. than from an individula's PC.
I still think a Linux box is a more attractive target but it's also that much harder to target. Granted in some part because it will have (usually) a skilled admin.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.