Simple question really. As far as I have learned, Linux is unable to get a virus because of the way the Linux file permission structure is. Is this correct?

Also - more importantly... Can a Linux notebook get a virus, but not be affected by it, and then be able to pass the virus to a windows machine on a network?

My personal notebook is running Debian Etch and I am trying to convince my boss to allow me to use it at work, but she is concerned about me bringing in a virus from home.

I doubt you will have a problem with that. But linux (ab)users can be hacked provided that they have weak security. If you dont run as the root user and do all your work as a user with limited privileges you should be ok. Also, if you are using a laptop on unsecured wireless points then you should install a firewall such as firestarter or guarddog.

There are however issues like the recent xpdf vulnerability that could give somebody root privileges so you gotta watch out.

Yes Linux can get a virus (rare but possible) and depending on who the user is it may or may not infect the 'entire' system (another good reason never to run as root). If the user is a normal user then the users local files only may be affected by it.

No, Linux cannot get a virus and affect a Windows system by it. Linux can recieve a Windows virus from somewhere as in an email for example and when the email is downloaded and/or read by a Windows system the Windows system is infected.

A Linux system may also have a stored (or saved) file that is infected by a Windows virus and if a Windows user (as with an smb connection for example) to use or open this infected file the Windows system can be infected.

Really, any system that executes programs can get a "virus." A virus is just a (usually malicious) program that executes on the machine, replicates, and typically copies itself to other machines to be executed. There's nothing magical about viruses - they're programmed using the same languages and techniques that are used in all other computer programs, be it your word processor, browser, etc.

The thing that sets viruses apart is that generally they're programmed to carry out malicious behavior instead of beneficial behavior on a person's machine. Programs are just like bacteria in the real world - certain strains will cause great harm and even kill a person (or other host) whereas without other strains a person or animal may die of starvation for lack of being able to adequately digest one's food. It's the intent that matters.

So to get a virus, an operating system must have a means for the virus to get in - maybe a security hole, maybe an unsuspecting user - and must have a means of executing on the system and performing its intended tasks. Windows is often criticized for being so susceptible to viruses and as some are quick to point out it perhaps has something to do with the popularity of the platform, but popularity only leads to part of the problem - being able to EXECUTE the virus. Virus programmers have to code their virus to run on windows just like how Mozilla Firefox programmers have to code their browser to run on windows. If the virus writer wants to "support" more platforms, he or she has to code their virus for it and most either are unwilling or unable to do that. Using GNU/Linux (or really any other system that's binary incompatible with Windows) takes away a big portion of a virus's ability to infect and propagate through simply not being able to execute the virus.

The second thing I mentioned that a virus needs to be successful is some sort of vulnerability to exploit. Windows by default often is set up so users run as administrators or power users who therefore have access to change/add/delete parts of the system that they really almost always never need to touch. This is what makes the virus so deadly - it has all the same access to the system as the user does and can really do some serious devestation. GNU/Linux and Unix by design make extensive use of permissions to lock down the system so that a user has access to what he or she needs, but cannot wipe everything out. This philosophy of making people do their day to day tasks as regular users and highly restricting what they can and cannot do goes to great lengths to take away the virus's other potential for propagation - the ability to exploit the system. Users typically are unable to delete or replace system binaries that they don't have permissions over, so even if they run a virus that's binary compatible with Linux, the virus is sorely limited in what it can do. Usually at worst the virus can only harm a single user's home directory.

One way which viruses can get around these limitations on GNU/Linux (or other operating systems too) is to find a service such as a web server or dhcp server that's running a version of the software that has bugs or flaws in it that the virus can exploit and somehow manage to get the machine to run the virus code at the same privilege level as the service was running at. This normally wouldn't be as big of a problem if system administrators wouldn't let services on their machines run with root or administrator-level privileges, but often times they're either lax with security or the software is poorly designed and requires administrator privileges. If the virus can manage to exploit such a service, then the virus runs with unbridled permission on the whole box and that's a Bad Thing™.

Going hand in hand with administrator-level service exploitation are machine users who run with administrator-level privileges or maybe even run as root instead of running with a much more limited user account. If a virus manages to get in and execute on such an account, then it once again has unrestrained permission over the machine.

So, what is that long winded spiel about viruses saying? In short, if you use the tools that GNU/Linux and/or Unix gives you and you follow good security practices, then you're much less likely to be vulnerable to viruses than you would be if you were running Windows. It's often true that Linux by default is more secure than Windows by default, but that's not nearly enough. It'd be better to tell people that Linux can be MADE more secure than Windows can. Conversely, Linux can be made just as insecure as Windows can. It largely depends on the users and administrators. Security is an ongoing process, not some arbitrary static target.

Hope that helps!

Technically there is a cross-platform virus known as linux.simile that is capable of infecting both Linux and Windows (it uses 2 separate subroutines based on the OS). I've never seen it or heard of it being in the wild, so as far as I know it's PoC (but still technically possible).