decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books
Your contributions keep Groklaw going.
To donate to Groklaw 2.0:

Groklaw Gear

Click here to send an email to the editor of this weblog.


Contact PJ

Click here to email PJ. You won't find me on Facebook Donate Paypal


User Functions

Username:

Password:

Don't have an account yet? Sign up as a New User

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Can a Linux user download and run malware? Sure.... | 336 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Windows != Security
Authored by: Anonymous on Friday, March 22 2013 @ 12:35 PM EDT
Yes, it is possible, but how much damage can it do? Unless that user has super
user privileges, it can only affect the files and directories she has control
and rights over. It cannot touch any system files, nor set up to run when the
computer boots. The MBR and boot sectors are also untouchable. There was an
article published about this a number of years ago (2005) titled "The short
life and hard times of a Linux virus." It's still available at
<http://librenix.com/?inode=21>

[ Reply to This | Parent | # ]

Can a Linux user download and run malware? Sure....
Authored by: Anonymous on Friday, March 22 2013 @ 12:52 PM EDT

... but with the security built from the ground up with security in mind, you have to actually make some pretty serious changes to the security of your standard* Linux computer before it becomes reasonably friendly to malware.

Let's say you want to set up a Linux Computer to "operate like Microsoft" from the perspective of downloading and installing software without requiring knowledge of the administrative aspects of the computer. But... at the same time you want to maintain the hightened security sacrificing as little of it as possible.

You could do that.... setting it up so a person could just click on an .exe and run it as themselves.

    1: Install WINE
    2: Map the WINE drives to reflect the normal structure of the Linux OS - but not to those directories
    3: Grant usage of WINE to the user
    4: Update the extension recognition to automatically run WINE when the user clicks on an .exe
That's a pretty easy setup to put in place. It doesn't take much knowledge at all and one doesn't have to put much effort into hacking around the core Unix/Linux security.

Voila! What's the worst that could happen?

    A: The user becomes a spam bot that is running - but only when the user is logged into Linux
    B: The virus trashes the users home directory
What's most likely to happen?
    The virus thinks it's on a windows machine - it is running within WINE after all with the similar C: D: drive mappings.
    As a result, it modifies the system files in "windows" rather then the system files in "linux".... or more appropriately, it attempts to.
    After the user has "viewed" the results of the virus, the virus gets shut down and doesn't restart until the next time the user explicitly runs it.
You've still got all the rest of the underlying security protecting the system... including the halting of the user processes - back-end or otherwise - when the user logs out.

So you're absolutely right - a user can download and run malicious software.

But unless you take some serious efforts to decrease the security in Unix/Linux - it's a really hostile environment to malware.

* Obviously someone with enough security knowledge can hack around all the defaults of the standard Unix/Linux installation and make a Windows-like Linux box. They could even set it up so it automatically logs in as Root for the unwitting user.

Caveat: the discussion is around the "operator error" aspect - which means the user is unwittingly executing malicious code. Such a user doesn't have a good understanding of security or system administration and would not be in the position of making the appropriate de-security modifications themselves.

RAS

[ Reply to This | Parent | # ]

Windows != Security
Authored by: Anonymous on Friday, March 22 2013 @ 02:50 PM EDT
> Isn't it possible for a Linux user to download, install, and run malware?

With Windows a file is executable if it has a particular filename 'type' such as
.bat, .cmd, .exe, etc. So a downloaded file can immediately become executable.
As the default setting in Windows is that the 'type' is hidden then files such
as cutepuppy.jpg.exe appear to be cutepuppy.jpg, a harmless image. Clicking on
this, even as an email attachment, could get it to execute.

With Unix/Linux a downloaded file is not executable until the user has made it
so by setting the 'executable bit(s)' in the file attributes.

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )