LinuxQuestions.org
Old 05-12-2007, 05:28 PM   #1
Bjwebb
LQ Newbie
 
Registered: Jan 2007
Distribution: Ubuntu 7.04 Feisty Fawn
Posts: 28

Rep: Reputation: 15
Could Linux be hacked through proprietary applications?


Hi there,

I listen to a few of the TWIT.tv podcasts, including Steve Gibson's Security Now. On the most recent program, they interviewed a security expert. Most of the program was about Windows security. However, an interesting point was raised - Windows is now reasonably difficult to attack (according to them, but I'm not leaving Linux any time soon) but the point was that the "bad guys" are increasingly taking advantage of flaws in other applications.

Obviously, the whole point about Linux is that it is very hard to crack, because it is inherently secure and the availability of the source code. But what about the proprietary applications that some people use?

For example the Flash plugin or Skype (these were actually mentioned on the programme as being vulnerable in Windows), what if there was a vulnerability in this? Would Linux Flash users be vulnerable?

I would appreciate it if someone could explain what would happen.
Thanks
Ben Webb
 
Old 05-12-2007, 05:45 PM   #2
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
The basic principles are really the same on all modern OSes. If you inadvertently run a piece of malware then it has the same privileges that you do yourself.

On Linux this means that it would be able to read and manipulate all of the files in your home directory, and attach to unprivileged network ports, because Linux user accounts can't run anything with root (Administrator) privileges unless the user explicitly invokes su or sudo. Windows user accounts frequently have Administrator rights, which means that any piece of malware can have unrestricted access to the entire system once it runs.

It's also worth noting that package managers like apt-get and yum will check the digital signatures of the packages that they install, and responsible vendors will publish checksums for isolated package files so that you can check what you download. Unfortunately some proprietary vendors don't sign their packages or publish checksums, which does expose their customers to the possible risks of fake packages carrying malware (since you then can't verify the authenticity of the package).
 
Old 05-12-2007, 05:51 PM   #3
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 344
It depends on several factors.

First, the Linux distribution; some have more security than others. If security is important to you, then make sure you select a distribution that meets your requirements. Several of these features can prevent weak security in a network application from being exploitable. For example, there were two exploits of the Debian software servers which, after analysis, could have been prevented by Exec-Shield and/or SELinux. The Debian developers fast-tracked those features to prevent similar future exploits.

The second issue is user privilege separation. Since services and users do not run with administrator authority on Linux, even an exploit that successfully compromises security is limited to user accessible data (and only as further limited by SELinux). An example would be a malicious Makefile. In order to damage beyond the user or application space, a secondary exploit - a privilege escalation - would be needed. However, all such known would be prevented by the other available security enhancements (Fortify_source, fstack-protector, restricted kernel memory access, Exec-Shield, etc.).

In short, there's no question that almost any software can eventually be compromised, or the user socially engineered. However, with the many layers of protection a security-minded distribution employs, creating a successful exploit will be extraordinarily difficult.
 
Old 05-13-2007, 04:20 AM   #4
Bjwebb
LQ Newbie
 
Registered: Jan 2007
Distribution: Ubuntu 7.04 Feisty Fawn
Posts: 28

Original Poster
Rep: Reputation: 15
Security is not a massive priority, as I am simply a home user. I know Linux is very secure, and things can only happen which you have privileges for. However, I will be using programs like Flash.

Do I need any security programmes for home use? I am often told that anti-virus and firewall are not needed, whereas other people disagree. I know antivirus won't do much, as it only prevents known problems - and Clam AV is only useful for finding Windows viruses on servers. But, what about other things?

I am going to be using an Ethernet modem, which will presumably have a firewall built in, so do I need to worry?
 
Old 05-13-2007, 05:45 AM   #5
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
Modems don't have firewalls, but routers do. You only absolutely need a firewall if your computer is connected to the Internet and runs network services. For example, Ubuntu doesn't ship with a firewall because it doesn't run any network-accessible services.

If you don't run any network-accessible services then the only ways to crack your system are for someone to get physical access to it, or to get a user to run something. Hence the importance of using digitally signed packages, and verifying the authenticity of stuff you download yourself with checksums. Java applets effectively auto-install, so there are mechanisms that restrict their access to the host system. The kinds of defences that macemoneta talked about largely protect network services, and don't defend against these kinds of exploits.
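The checksum verification that posts #2 and #5 recommend for files you download yourself, as an added example that is not part of the thread. The function name `verify_download`, the file names and the demo data are hypothetical and constructed here; the checksum list is assumed to be in the `sha256sum` output format.

```shell
#!/bin/sh
# Added example (not from the thread); all names and sample data are constructed.
# Checksum list format (as written by sha256sum): "<hex digest>  <file name>".
# Limitation: file names containing spaces are not handled.

# verify_download FILE SUMS_FILE
# returns 0: digest matches the published one
#         1: digest differs (corrupted or modified download)
#         2: no checksum published for this file, so it cannot be verified
#         3: the file or the checksum list is missing
verify_download() {
    file=$1
    sums=$2
    [ -f "$file" ] && [ -f "$sums" ] || return 3

    name=$(basename "$file")
    # Look up the published digest by exact file name; a leading "*" marks binary mode.
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f) } f == n { print tolower($1); exit }' "$sums")
    [ -n "$expected" ] || return 2

    actual=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || return 1
    return 0
}

# Constructed demo: a stand-in "vendor package" and checksum list in a temp dir.
demo() {
    d=$(mktemp -d)
    printf 'constructed package contents\n' > "$d/vendor-plugin.tar.gz"
    (cd "$d" && sha256sum vendor-plugin.tar.gz > SHA256SUMS)

    rc=0; verify_download "$d/vendor-plugin.tar.gz" "$d/SHA256SUMS" || rc=$?
    echo "untouched download: exit code $rc"

    printf 'extra bytes\n' >> "$d/vendor-plugin.tar.gz"   # simulate a modified file
    rc=0; verify_download "$d/vendor-plugin.tar.gz" "$d/SHA256SUMS" || rc=$?
    echo "modified download: exit code $rc"
    rm -rf "$d"
}
demo
```

A matching digest only shows that the file is the one the checksum list describes, so the list itself has to come from a source you trust, such as the vendor's HTTPS site or a signed file. Exit code 2 is the case hob describes where a vendor publishes no checksum and the download cannot be verified at all.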
 
  


All times are GMT -5. The time now is 06:01 AM.
