Wednesday, March 07, 2007

Life of a Linux Virus

Ok. This is a story about virus security on a Linux system.

My name is Bob. I'm the system administrator. I own this Linux box, and I do as I please on it.

I log on as 'Bob', not root. When I have to do something that only the root user (the super user) is allowed to do, I use the sudo command. That is to say, sudo runs that one command, and only that one command, as the root user, the super user.

Ok. Now my name is Vincent. I'm a virus. Bob was surfing the net for porn on some brand new browser a friend told him to install. The browser itself is not a trojan or hostile piece of software; its intentions are honest, but it has a few holes in it that my writer was able to exploit. So I got into Bob's system.

I'm looking around. I see the system files. I attack them.

Access denied.

Bob is surfing the net as a normal user; he never logs in as root. When he (accidentally, unknowingly) let me in, I got only normal user privileges. I don't have access to the operating system. I can't modify Linux.

Oh look... some office applications, a word processor, a game... access denied. These programs were installed with the sudo command, so they belong to root. Again I don't have access.

Well, ok, I'm going to issue a sudo command.

Bob now sees a really annoying pop-up window appear before him, asking him for his password. Since he's surfing porn, he's pretty suspicious of those sites, and instead hits cancel and shuts down the browser.

The operating system goes through the list of all programs the browser launched, finds Vincent on the list, and shuts Vincent down too. It also looks for any programs Vincent may have started, but finds none.

Bob shakes his head at the untrustworthiness of his new browser, daring to ask for his Linux password like that, and uninstalls it.
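The "Access denied" Vincent keeps running into comes from the kernel's ordinary file permission check. The following is an added example, not part of the original post and not Linux source code: a small model of that check (owner, group and "other" mode bits, with root bypassing read and write) run against a constructed set of files like the ones in the story. Bob's uid of 1000 and the file paths are assumptions made for the example.

```python
import stat
from dataclasses import dataclass

# Constructed model of the Unix permission check that produces the story's
# "Access denied". It is not kernel code, only the same rule set: root (uid 0)
# bypasses read/write checks; everyone else is judged by the owner, group or
# "other" bits of the file's mode, whichever class the process falls into.

@dataclass(frozen=True)
class File:
    path: str
    owner_uid: int
    owner_gid: int
    mode: int      # permission bits only, e.g. 0o755

@dataclass(frozen=True)
class Process:
    uid: int
    gids: frozenset

def may_access(proc: Process, f: File, want: str) -> bool:
    """want is 'r', 'w' or 'x'. Follows the order of the classic DAC check."""
    bits = {"r": 4, "w": 2, "x": 1}[want]
    if proc.uid == 0:
        # root overrides r/w; execute still needs at least one x bit set
        return want != "x" or (f.mode & 0o111) != 0
    if proc.uid == f.owner_uid:
        cls = (f.mode >> 6) & 7        # owner bits
    elif f.owner_gid in proc.gids:
        cls = (f.mode >> 3) & 7        # group bits
    else:
        cls = f.mode & 7               # "other" bits
    return (cls & bits) == bits

# Files as installed in the story: the OS and the sudo-installed applications
# belong to root; Bob's own data belongs to Bob (uid 1000, an assumed value).
SYSTEM_FILES = [
    File("/bin/ls", 0, 0, 0o755),
    File("/usr/bin/word-processor", 0, 0, 0o755),
    File("/home/bob/notes.txt", 1000, 1000, 0o644),
]

def vincent_attempts(files=SYSTEM_FILES) -> dict:
    """Vincent inherits Bob's credentials from the browser, nothing more."""
    vincent = Process(uid=1000, gids=frozenset({1000}))
    return {f.path: may_access(vincent, f, "w") for f in files}

def after_sudo(files=SYSTEM_FILES) -> dict:
    """The same write attempts if Bob had typed his password into the prompt."""
    root = Process(uid=0, gids=frozenset({0}))
    return {f.path: may_access(root, f, "w") for f in files}
```

Only Bob's own file is writable by the virus; every root-owned path is denied, which is exactly why the sudo prompt (and Bob's refusal to answer it) decides the story.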

The moral of this story?

Linux is alien territory to the average Windows user. Its unfriendliness to unexpected executables popping in out of the blue and deciding they want to change things around is outright legendary. Its belief in keeping people in little sandboxes, so that they can hurt only themselves and no one else, certainly not the operating system or any equally protected standard programs you yourself didn't actually write, puts a serious crimp in the style of a virus writer.

Do viruses (I'm still debating whether it's viruses or virii) exist in the Linux world?
A few, yes.

But they go nowhere. Like taking a match to try to burn fireproof material: there is a flame, but it is on the match only; it doesn't light off anything, it doesn't propagate to the next computer, it doesn't go anywhere. The structure of Linux and the security mentality found in every beginner's book on learning it make that an active concern. So not only is the structure highly resistant to the fire of a virus attack, but the newly taught Linux administrators who downloaded it and are just learning the ropes learn to worry about such things right from the get-go.
