[ILUG] PS's + Virii

[Justin Mason]

Bernard Tyers said:

> on a lighter note, i know that linux is not as suseptable to virii as
> Win*, and MS* is. but my question is why? 
> is it to do with the os code?

What Liam said. ;)

Also Linux and other UNIXes have a well-designed, secure, multi-user
basis, where system binaries are owned by root and normal people do all
(or almost all) their work as a non-root user.

Windows and Macs have a virus problem because they don't enforce the
multi-user concept at all.  Well, NT does have a solid multi-user concept;
but due to backwards contemptibility they decided to make the default
permissions out-of-the-box the NT equivalent of -rwxrwxrwx for everyone :(
And now most installable Windows software expects this, so I don't see
that changing any time soon.

Apparently there is a Linux virus called Bliss, but it requires you to run
stuff as root, which is obviously a bad idea.

The only other UNIX virus I've heard of, was in an article in ;login:
about a concept-demonstration virus, which used a fancy emacs clock to
spread itself; once the user turned on the clock in their emacs startup
file, eventually they might run emacs as root (because "su root" on that
OS would read your own startup files instead of root's!), and the virus
could infect root-owned binaries. That's the danger of running fancy
editors as root ;)

Another virus mechanism could involve using security holes and setuid-root
binaries to infect root binaries, but this would be quite difficult as the
security holes in question are also usable by human crackers, so the known
holes are regularly patched.

BTW this is why using root as your normal userid is such a bad idea, apart
from the old "rm -rf ~/somedir /*" problem.

--j.