LinuxQuestions.org


raphtor 09-25-2008 09:57 PM

virus immunity
 
Can anyone tell me how exactly Unix or Linux is immune to viruses? I mean, how does the processor know what is an infected file? Any site to know more is welcome...

johnson_steve 09-25-2008 10:15 PM

Ok, it works like this:

First, there are about 400 different Linux distros. These use different init systems and keep important files in different places. This means a virus would not only have to be written for Linux, but it would have to be written for the specific kind of Linux that you are running. Since Windows has the majority of the market share and a virus can run equally well on almost all of them, no one is putting the effort into writing Linux viruses.

Second, on a properly configured Linux/Unix/OSX system you do not run as root. This means you don't have the ability to do any serious harm to your system; you can only write to files that you have permission to write to, so any 'virus' that tried to wipe out your system could at most affect your personal documents. It wouldn't be able to affect the whole system or even the files on your computer that belong to another user.

These two things combine to make Linux/Unix/OSX the virus free environment that it is. First a 'cracker' would have to be determined enough to write a 'virus' that would only work on a small fraction of the Linux computers that are a very small fraction of all computers; then he would only be able to (at most) delete your photos/music/homework, but not bring the system down or be able to compromise it in any serious way.

popowich 09-25-2008 11:09 PM

I believe this is a little misleading. It is still possible to create a virus/worm that targets a specific, generally internet-facing package that runs on "Linux", for example Apache, your favorite FTP server, etc., and use that as a way to try and gain access to another system. Adding an existing rootkit to a worm looking for a newly discovered vulnerability that can be used to gain local access can potentially do a lot of damage. Anyway, Linux is not immune, and the differences between it and Windows are just "different".

-Raymond

johnson_steve 09-26-2008 12:37 AM

What he asked about were infected files. Perhaps I was too simple in my response; there are still many things that could happen. There are rootkits and you could get hacked. A properly configured web accessible service should be chrooted so that even if it's compromised you don't have to worry because it can only affect the small area that it is chrooted in. Linux is a very secure system when properly set up. It isn't invincible in any magical way but I have been using Linux for years on many computers. I set up all my family's computers and they run Linux too. None of these have ever had any security related issues.

pinniped 09-26-2008 02:26 AM

The CPU knows nothing of viruses on any system. No WinDuhs virus will run on Linux because the binary executable format is different and Linux does not know how to run a WinDuhs program. (You can use 'WINE' to run some programs, but then there are numerous other troubles for the virus even when running under WINE.) JavaScript and any other common interpreter (PDF, PostScript) of course provide opportunities to do some nasty things on both Linux and WinDuhs. The WinDuhs exploits also tend to be somewhat straightforward; on Linux you first need access to an account and then you need to gain root privileges; since there's a large number of different combinations of software versions (and vulnerabilities) on Linux, a cracker needs to put in a lot more effort to root a Linux box than a WinDuhs box. WinDuhs also provides many dozens of services by default; all these services offer opportunities for an exploit; most of these services are in fact not essential (except to WinDuhs - stupid design) and most don't even exist on Linux/UNIX so there's a lot of opportunities lost.

lleb 09-26-2008 04:30 PM

Quote:

Originally Posted by raphtor (Post 3292023)
Can anyone tell me how exactly Unix or Linux is immune to viruses? I mean, how does the processor know what is an infected file? Any site to know more is welcome...

In short, no virus designed to run on any MS Windows system will work on a Linux or *nix system. As stated they are not the same binary, thus cannot be executed.

There are hundreds of thousands of viruses, if not millions, for MS Windows.

There are only a FEW hundred for Linux and even fewer for OS X.

NO Operating System (OS) is IMMUNE to viruses. Linux and other *nix OSs are just less susceptible to them than MS Windows is due to the very nature of the *nix OSs being built from the ground up to be a NETWORKED OS. This means it was designed with security in mind from the start and not as an afterthought. MS Windows on the other hand was and still is not designed as a network OS and thus is STILL not built around security. You still need to be a "root" Administrator to accomplish even the most mundane task in Windows (including installing MS Office) and as a result a large number of users run with elevated permissions, far beyond what is secure and safe for the OS, causing the security nightmares we see today in the computer world.

Since a large number of Windows users run as "administrator" or at least with administrative permissions, any virus that runs due to the user's mistake or lack of knowledge about what they are doing is run as "administrator" and thus that virus or malicious software gains FULL ACCESS to the computer.

This is typically not true in the *nix world.

There are many other reasons, but this is ONE of many reasons why MS Windows is so much more susceptible to viruses than the *nix world.

raphtor 09-26-2008 10:33 PM

1) OK, but even Windows can have multiple users other than administrator. So if I log in as another user in Windows, will my security level increase?
2) Also, if I for some reason log in as root, then you mean my system will be as vulnerable as Windows.
3) What's the difference between sudo and root?
4) And say I have executed a Linux virus in other than root mode? What is the max damage my system can suffer?

johnson_steve 09-26-2008 10:43 PM

Quote:

Originally Posted by raphtor (Post 3293025)
1) OK, but even Windows can have multiple users other than administrator. So if I log in as another user in Windows, will my security level increase?
2) Also, if I for some reason log in as root, then you mean my system will be as vulnerable as Windows.
3) What's the difference between sudo and root?
4) And say I have executed a Linux virus in other than root mode? What is the max damage my system can suffer?

1) It's not quite the same thing.

2) No, but it would be a hell of a lot more vulnerable than normal.

3) sudo can be set up to allow normal users to do things that normally only root could do. It grants root privileges just for one command and is the proper way to set up tasks that you do frequently. root is a user on your system and everything he does has root privileges (not necessarily a good thing).

4) If you somehow find a Linux virus and then deliberately run it (not as root) the worst that could happen is you delete everything in your home directory. Everything else would just get a 'permission denied' error.

lleb 09-27-2008 09:27 AM

Quote:

Originally Posted by raphtor (Post 3293025)
1) OK, but even Windows can have multiple users other than administrator. So if I log in as another user in Windows, will my security level increase?

It will depend on the permissions of that user. If that other user has administrative rights then NO. If it is a restricted user then it will help slightly, but not nearly as much as under Linux. Windows users still have full access, normally without modification, to the rest of the system.

Quote:

2) Also, if I for some reason log in as root, then you mean my system will be as vulnerable as Windows.

Again, not the same thing, but yes, if you RUN as root for EVERYTHING you do on the computer, then yes, you are running a much unneeded risk to your system.

Quote:

3) What's the difference between sudo and root?
4) And say I have executed a Linux virus in other than root mode? What is the max damage my system can suffer?

If you install a virus program as user, the worst thing that will happen is that user account will be corrupted and require removal from the system.

A simple rm -r /home/user will make it go away. Sadly so will your data, but the computer and other users will NOT BE affected.

http://www.tech-faq.com/sudo.shtml

That should help with what sudo is.
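
Added example, not part of any poster's reply: a sketch of the owner/group/other write check behind the 'permission denied' errors discussed above, run over a constructed file listing to show which paths outside the home directory a given account could write to. The function names, UIDs, GIDs and paths are all constructed for illustration, and the model ignores ACLs, capabilities, read-only mounts and immutable flags.

```shell
#!/bin/sh
# Added example: the classic Unix owner/group/other write check.
# Simplified model: ignores ACLs, capabilities, read-only mounts, immutable flags.

# can_write UID "GID GID ..." FILE_UID FILE_GID MODE  -> exit status 0 if allowed
can_write() {
    uid=$1 gids=$2 fuid=$3 fgid=$4 mode=$5
    [ "$uid" -eq 0 ] && return 0          # root bypasses the mode bits
    mask=0002                             # default: the "other" write bit
    for g in $gids; do                    # member of the file's group: group bit
        [ "$g" -eq "$fgid" ] && mask=0020
    done
    [ "$uid" -eq "$fuid" ] && mask=0200   # owner: only the owner bit counts
    [ $(( 0$mode & $mask )) -ne 0 ]
}

# exposure UID "GIDS" HOME  < lines of "owner_uid owner_gid octal_mode path"
# Prints every path outside HOME that the account is allowed to write to.
exposure() {
    u=$1 gs=$2 h=$3
    while read -r fu fg m p; do
        case $p in "$h"|"$h"/*) continue ;; esac
        if can_write "$u" "$gs" "$fu" "$fg" "$m"; then printf '%s\n' "$p"; fi
    done
}

# Constructed listing (hypothetical UIDs, GIDs and paths). On a real system with
# GNU find, similar lines come from: find / -xdev -printf '%U %G %m %p\n'
sample_records() {
    cat <<'EOF'
0 0 755 /usr/bin/passwd
0 0 644 /etc/passwd
0 0 1777 /tmp
1000 1000 755 /home/alice
1000 1000 644 /home/alice/.bashrc
1001 1001 700 /home/bob
0 33 664 /var/www/index.html
1000 1000 644 /srv/shared/alice-notes.txt
0 0 666 /etc/app/legacy.conf
EOF
}

# alice = uid 1000; first with her own group only, then also in group 33
echo "alice:";            sample_records | exposure 1000 "1000" /home/alice
echo "alice + group 33:"; sample_records | exposure 1000 "1000 33" /home/alice
```

Any path the first run prints is reachable by a program running as that account even though it lies outside the home directory, and the second run shows how one extra group membership widens the set.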

raphtor 10-02-2008 10:02 PM

OK, here's a question. I recently installed Ubuntu 8.04 on a friend's system and it was seeking a password for every operation and drive access. My Ubuntu 7.10 never asked me for them unless it's a root operation. Does that mean my hard disk is less protected and any virus will affect my system more severely than just the home folder?

sundialsvcs 10-02-2008 10:23 PM

Clearly, your friend's system is not set up correctly...

Generally speaking, I spend my days as a "limited user" (actually, any one of several user-ids) on whatever system I happen to be working on, and I never respond to a root-password prompt. If I want to be doing something magical, I log on as a magical user, do that magical thing, and then log off.

I have a system-maintenance account that is used for software installs other than the OS itself. It can gain access to "root," but my ordinary user-ids (which do not belong to the wheel group...) cannot.

Computers are not smart, and they don't catch colds. They do obey instructions. The notion that a computer can "get sick" is a dream from a clever marketing-department. If you don't want rogue programs to do damage unintentionally, simply use an account that cannot do these things intentionally. The rogue ... cannot succeed.

Folks like Norton and McAfee appeal to the human notion of "sickness" (and the idea that such things are inevitable unless you endlessly "immunize" against them). They're probably the reason why home-editions of Windows (inexplicably...) still don't turn on system security but instead leave the system wide open. A computer cannot get sick. A "virus" is nothing more than a rogue.


All times are GMT -5.