Clamav

[jdow]

From: "Bruno Wolff III" <bruno at wolff.to>
Sent: Saturday, 2010/April/17 06:23


> On Fri, Apr 16, 2010 at 20:29:25 -0700,
>  Craig White <craigwhite at azapple.com> wrote:
>>
>> Clearly no OS is safe from exploit. The most effective security method
>> employed on Linux is simply not to run as superuser where most Windows
>> and Macintosh users are running as superuser and the software leaves it
>> to the user to figure out how to run with less privileges (very possible
>> but not the typical usage).
>
> I disagree. This can help with restoring a system, but is more useful
> for protecting users from each other than users from malware. User
> accounts have all of the power needed to replicate malware. User accounts
> have valuable data (may be private or hard to recreate), where as data
> owned by root typically isn't. There have historically been a lot of local
> root exploits on linux systems that allow malware to elevate its
> privilieges.
>
> I think selinux is going to of more use in this area than standard unix
> file system privileges and having a separate root account. It won't solve
> all of the problems, but it can help protect users from processes running
> as themselves.

Heh, you get it. SELinux is a anti-malware software.

{^_-}