[linux-elitists] Comprehensive list of Linux malware
Thu Dec 2 15:40:01 PST 2004
Quoting Aaron Sherman (firstname.lastname@example.org):
> It's also not true. While Linux purists may not be happy with it...
(Oh dear. I seem to be insufficiently pure.)
> ...one of the first things that most Linux and NVidia users do is
> download the binary-only NVidia driver from nvidia.com and execute it
> (it's a shell script, self-installer).
At the same time, they generally have plausible reason to believe that
they really are pulling it down from nvidia.com and that it's a file
from a company that (unlike some others we could mention) works hard to
avoid the lasting embarrassment of having distributed a file that
compromises customers' security.
The trick, of course, is to be aware of whom you're trusting, to what
extent, and why -- or (if not) at least have relatively safe habits and
> There are also a number of shar archives from older systems (esp.
> Usenet) and as you mentioned, a "package" is essentially a shell script
> + tar ball (actually RPM as a specific example uses cpio not tar, but
Joey's comparison table is useful:
Note the rows for pre/post install/remove program capability.
(I concur that the distinction, previously posted by someone else, not
by me, is bogus and not meaningful.)
> Let's not be unrealistic, thought. None of these are magic bullets, and
> Linux malware is not unheard of or particularly complex.
Nor particularly to function in the general case, for reasons I
hope my study elucidated.
More information about the linux-elitists