[linux-elitists] Comprehensive list of Linux malware

Mike MacCana mmaccana@redhat.com
Sat Nov 20 07:53:50 PST 2004


There doesn't seem to be a full summary of the default options in Linux 
that make it more secure than Windows. So Here's One Mike Prepared 
Earlier. Discuss (like you needed instructions), and grab it if you 
want, it's public domain (maybe Rick feels like incorporating it into his 
site).

- Default file permissions in Linux do not allow new executable files
In Windows, ACLs are inherited from the user's Documents and Settings 
directory, which, in the default install, gives execute on all objects 
created within it. Default file permissions in Linux (which are 
generally inherited from the user) do not allow new executable files, 
regardless of the user's default permission (umask).

- File types are based on file content, not file name, in Linux.
This makes it harder to have an app with content of one type and a file 
extension of another - used in some exploits.

- Executable files don't get to set their own icons.
Only launchers do, in both Gnome and KDE. This makes it hard for an 
executable to use the same icon as, say, a JPEG file.

- Executable files not used to package software
Legitimate software is supplied as a package file that only needs to be 
read by an existing, trusted executable installation app (i.e., up2date, 
apt-get). Hence users are not in the habit of making files executable. 
Some applications (such as up2date) refuse to install packages that 
haven't been signed by someone trusted by the user (trusting means 
explicitly importing that person's public key).
It may be possible to have a non executable MSI file - though almost all 
the Windows software I get is distributed as .exes. Any Windows admins 
wanna help out?

- Better default filesystem ACLs
Filesystem ACLs in Linux restrict more.
In the default install of Windows 2000, it's possible for a non 
administrative user to save a file as explorer.exe in C:\ and have it 
executed by all users upon login. Of course, Windows 2000 isn't the 
current MS operating system, but it's only four years old.

- Better vendor security culture
Years ago, Microsoft's security reputation was atrocious: for example, 
Exchange 5.5 shipped as an open relay by default, with no way to turn 
this behaviour off until Service Pack 3 was released. But at least 5.5 
customers got a service pack: Exchange 5.0, to this day, has no way to 
stop it being an open relay. Customers who paid for 5.0 were forced to 
pay for 5.5 for relay control.

Now they're just not particularly good: Windows XP Service Pack 2's 
firewall leaves (IIRC) around 7 ports open by default, including those 
used by some of the major Windows worms (slapper IIRC, but 
register.co.uk's search feature is making it hard for me to find the 
article). A default Fedora or RHEL install leaves apps listening on zero 
ports (or one if you use a dhcp client). Other modern distros likely do 
the same.

- Windows encourages desktop logon as administrative users
The default install of Windows creates one user who is a member of the 
local administrators group. As a result, it's common practice to log onto 
a Windows box as such a user and run all apps, even non-administrative 
apps, as a highly privileged user, ignoring the Run As option (even more 
so in Windows 2000, as it's kind of hidden - you have to shift-right-click 
an executable). This means people browse the web as Administrator.

Linux distros create a non-root user in the default install and suggest 
users log in as this user. On the command line, users can use sudo or su 
to switch users; graphical admin apps (that aren't shit) will simply 
prompt for the root password when launched.

Mike
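The two file-related defaults from the list above (a freshly created file is never executable, and a file's type comes from its content rather than its name), demonstrated as an added shell example that is not part of Mike's post. The temporary directory, the constructed sample files and the three magic numbers checked (ELF, JPEG, "#!") are my own choices; everything runs inside a mktemp directory and touches nothing else on the system.

```shell
#!/bin/sh
# Added example, not code from the original post. Shows two of the Linux
# defaults discussed above using only POSIX shell tools (sh, od, ls, mktemp).

# 1. A new file is never executable, whatever the umask is.
#    Shell redirection and touch(1) ask open(2) for mode 0666; umask can only
#    clear bits from that, so no umask value can add an execute bit.
new_file_is_executable() {
    # $1: umask to test (e.g. 022 or 000). Prints "yes" or "no".
    d=$(mktemp -d) || return 1
    ( umask "$1" && : > "$d/newfile" )
    if [ -x "$d/newfile" ]; then echo yes; else echo no; fi
    rm -rf "$d"
}

# 2. Type by content, not by name: inspect the first bytes (magic number)
#    instead of trusting the extension. Only three well-known signatures are
#    recognised here; file(1) knows hundreds more and is the real tool.
magic_type() {
    # $1: path to inspect. Prints elf, jpeg, script or unknown.
    hdr=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$hdr" in
        7f454c46) echo elf ;;        # 0x7f 'E' 'L' 'F'
        ffd8ff*)  echo jpeg ;;       # JPEG start-of-image marker
        2321*)    echo script ;;     # "#!" interpreter line
        *)        echo unknown ;;
    esac
}

# Demo: an ELF header saved under a .jpg name is still reported as ELF, and
# none of the new files carries an execute bit regardless of umask.
demo() {
    d=$(mktemp -d) || return 1
    printf '\177ELF\002\001\001\000' > "$d/holiday.jpg"   # constructed: ELF bytes, JPEG name
    printf '\377\330\377\340'        > "$d/real.jpg"      # constructed: genuine JPEG SOI
    printf '#!/bin/sh\necho hi\n'    > "$d/run.sh"        # constructed: shell script
    for f in holiday.jpg real.jpg run.sh; do
        printf '%s: type %s, mode %s\n' "$f" "$(magic_type "$d/$f")" \
            "$(ls -l "$d/$f" | cut -c1-10)"
    done
    for m in 022 002 000; do
        printf 'umask %s -> new file executable: %s\n' \
            "$m" "$(new_file_is_executable "$m")"
    done
    rm -rf "$d"
}

demo
```

Run it with `sh` on any Linux box; the mode column shows `-rw-r--r--` or `-rw-rw-rw-` depending on umask, never an `x`, which is the point Mike makes about umask. The magic-number check is deliberately tiny; in practice `file(1)` (and the desktop's MIME sniffing) does the same job with a far larger signature table.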




More information about the linux-elitists mailing list