Fedora 18 security questions.
Sam Varshavchik
mrsam at courier-mta.com
Thu Mar 21 23:56:24 UTC 2013
William Mattison writes:
> malware. What does Linux have corresponding to that? I'm just about
> certain that my old Linux system is infected with working spyware.
I have never heard of spyware on Linux.
> I'd like
> to have something like security essentials, malwarebytes, etc. on my new
> Linux system.
Security essentials, malwarebytes, etc.'s sole reason for existence is the
fundamentally flawed technical design of the underlying operating system,
namely the fact that it's a single user system, with the user having total
access to all files and executables on the system. Although recent vintages
of MS Windows have introduced concepts such as, supposedly, separate user
and admin accounts, it works about just as well as a bandaid on a constantly
bleeding wound.
Even if, let's hypothetically say, there's an exploit in Firefox that can be used
to inject executable code, through a malicious web page, once running the
code will have no way to overwrite Firefox's binary executable, and implant
itself in Firefox, or any other operating system executable. As soon as you
log out or reboot, it's gone. The scope of the damage is limited to wiping
files in your home directory, and that's about it.
An actual infestation, that's similar in nature as it would be on MS
Windows, would also simultaneously require an exploit in the Linux kernel
itself. Although I do recall, offhand, a couple of kernel privilege
escalation exploits that have come out at some point in the past, I can't
recall more than 2-3 in the last 20 years, and they've generally been fixed
up in a matter of days.
Probably the most that could be accomplished, on a persistent basis, would
be browser-based spyware, a malicious Firefox plugin that installs itself.
But that would stick out like a sore thumb, in about:plugins, and even if
the plugin somehow manages to figure out how to corrupt Firefox, once it
starts, to hide itself, it would still be trivially identifiable, and
trivially disabled, like Firefox has recently auto-disabled certain
malicious plugins.
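The file-permission argument in the message above can be checked on a given system. The shell functions below are an added example, not part of the original post: `writable_by` and `audit_path` are hypothetical names, and the check reads ownership and permission bits only (ACLs and SELinux policy are not evaluated).

```shell
#!/bin/sh
# Added example: list executables and directories on PATH that an
# unprivileged account could modify, judged by owner and mode bits only.

# writable_by USER DIR...
# Prints each DIR, and each regular file or directory directly inside it,
# that USER owns, that is world-writable, or that is group-writable by
# one of USER's groups. USER may be a login name or a numeric uid.
writable_by() {
    user=$1; shift
    # id fails for an account with no passwd entry; then only the
    # owner and world-writable tests apply.
    groups=$(id -G "$user" 2>/dev/null || true)
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        {
            find "$dir" -maxdepth 1 \( -type f -o -type d \) \
                 \( -user "$user" -o -perm -0002 \) -print
            for gid in $groups; do
                find "$dir" -maxdepth 1 \( -type f -o -type d \) \
                     -perm -0020 -group "$gid" -print
            done
        } 2>/dev/null
    done | sort -u
}

# audit_path USER
# Runs writable_by over every directory listed in $PATH.
audit_path() {
    old_ifs=$IFS
    IFS=:
    set -f                 # no globbing while PATH is split on ':'
    set -- "$1" $PATH      # $1 stays the user, the rest are PATH entries
    set +f
    IFS=$old_ifs
    writable_by "$@"
}
```

Run it as `audit_path "$(id -un)"` from the desktop account; an empty result means that account cannot modify anything on its PATH through ordinary permission bits.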