[linux-elitists] Comprehensive list of Linux malware

Andrew Kohlsmith akohlsmith-le@benshaw.com
Fri Nov 19 12:56:59 PST 2004


On November 19, 2004 03:33 pm, Rick Moen wrote:
> 1.  "You Linux people are cocky.  Just see what happens if you ever have
>     significant market penetration."  (Ignores the already-established
>     high share of Web servers, scientific workstations, and some other
>     specialties.)

Typically speaking, web servers and scientific workstations are not what are 
getting attacked today.  Significant market share means Ma and Pa Smith who pay 
for AOL but don't even have a computer[1].

> 2.  "Linux isn't invulnerable."   (Ignores the substance of my essays
>     almost entirely.)

> 3.  "Linux will suffer an inevitable security & malware meltdown when/if
>     it gets significant numbers of desktop users."  (Ignores the
>     measures increasingly implemented to make the easy way the safe way,
>     and the safe way the easy way.)

With regard to #3 especially I had read of a very simple method to make 
general users actually quite safe when online.  It even works for Windows:

Internet access (let's say web, email and IM at this point -- the big three) 
is done through a second (intarweb) user account.  For simplicity's sake 
let's say this account has no password on it.  The real user's account has a 
standard username/non-blank login.

The user's web browser and email client actually run on their alternative 
login, and the point-n-click interface seamlessly sudo's to the intarweb user 
in order to use these applications.  Thus any malware cannot directly attack 
the user's home directory or data.

For added protection the intarweb user could have certain restrictions placed 
upon it -- say the inability to run su or sudo, and perhaps a GUI-level lock 
which prevents any dialog boxes or modal windows from popping up without a 
visible and unobscurable "scar" indicating that the window in question is NOT 
a normal system window.

Not a perfect solution but certainly one which would significantly raise 
the bar on making applications which could trash a user's data or present 
them with password entry screens which would allow the attacker to get at the 
user's data.

-A.

[1] http://www.watleyreview.com/2004/111604-3.html
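
The two-account scheme described in the message above, as an added example that is not part of the original post: a sudoers rule that lets the real user start one network application as the restricted account, and a check that the real user's home directory is actually closed to that account. The names alice, intarweb and /usr/bin/firefox are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. alice, intarweb and /usr/bin/firefox are assumed names.

# Print a sudoers rule allowing REAL_USER to run exactly one command as
# NET_USER without a password. The restricted account gets no rule of its
# own, so it cannot use sudo to get back to the real user.
sudoers_rule() {
    # $1 = real user, $2 = restricted network user, $3 = command path
    case "$3" in
        /*) ;;  # sudoers command specs must be absolute paths
        *)  echo "command must be an absolute path: $3" >&2
            return 1 ;;
    esac
    printf '%s ALL=(%s) NOPASSWD: %s\n' "$1" "$2" "$3"
}

# Return 0 only if DIR grants nothing to group or other. The separation
# only protects the real user's files if the restricted account cannot
# traverse the home directory; a home left at mode 755 is still readable
# by the restricted account. Checking the group bits as well is stricter
# than needed when the restricted account is not in the owner's group.
home_is_private() {
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ]
}

# Report on one real-user home directory (path supplied by the caller).
audit_home() {
    if home_is_private "$1"; then
        echo "OK: $1 is closed to other accounts"
    else
        echo "WARN: $1 is reachable by other accounts; chmod 700 it"
        return 1
    fi
}

# Rule for the constructed names; install it with visudo, then launch the
# browser with: sudo -u intarweb /usr/bin/firefox
sudoers_rule alice intarweb /usr/bin/firefox
```
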


