clamav - "you cannot be serious"


Re: clamav - "you cannot be serious"

Post by deleted »

I guess I'm missing the whole point (and probably other things). How does a virus get in if you 1) install debs from the repositories 2) only mark scripts/programs executable that you know what they do and 3) don't run as root? Can Linux viruses be downloaded/run through Firefox? Can they come in through jpgs? I imagine they could come through a database and/or web server? Is that the case? Or are you trying to stop the propagation to your Windows friends?
-Hinto

Re: clamav - "you cannot be serious"

Post by viking777 »

hinto wrote: I guess I'm missing the whole point (and probably other things). How does a virus get in if you 1) install debs from the repositories 2) only mark scripts/programs executable that you know what they do and 3) don't run as root? Can Linux viruses be downloaded/run through Firefox? Can they come in through jpgs? I imagine they could come through a database and/or web server? Is that the case? Or are you trying to stop the propagation to your Windows friends?
-Hinto

I really wish I had the knowledge to answer that question with some authority. Sadly I don't, so feel free to dismiss with a pinch of salt anything I say next.

Point 1) A good argument, but always subject to the proviso that everyone who submits code to a repository is to be trusted. How much is the code checked once it is submitted? I don't know. Presumably if you were a first-time contributor then it would be checked pretty carefully, but if you were a regular then so long as it was functional code, how deep would it be checked? Again I don't know. Then think about the situation where a trusted code contributor is being subjected to blackmail. That scenario is all a bit 'Hollywood' I know, but industrial espionage is real enough; the lengths people will go to depend only on the perceived threat.

Point 2) How many scripts do you think come with the average Linux distro? Do you know what they all do? On my Mint 9 install there are 84 listed in /etc/init.d alone. If somebody slipped an extra in unnoticed, would you pick it up? I sure as hell wouldn't.

Point 3) If you mean don't log in as root (which Mint doesn't allow anyway) then I agree, but if you are seriously saying that you can run a Linux distro without ever using a root or sudo program then I take my hat off to you because I can't.

Finally, you overlook the most significant source of viruses, which is of course web sites. You don't have to be on <violates forum rules> sites or warez sites; only yesterday, my wife (who uses Windows) was reading a site about fire safety when her antivirus program alerted her to the fact that she was about to be infected by a trojan. Now the likelihood is that the trojan concerned would not do much on a Linux system, it probably couldn't even run, but on a Windows system it would be potentially devastating. This is where the largest threat comes from and although it is still a largely insignificant threat to Linux at the moment, it will not remain that way for ever, that is guaranteed.
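
The question raised in Point 2 above (would an extra script in /etc/init.d be noticed?) can be answered mechanically with a recorded baseline. The following is an added example, not part of the original post; the function names and the constructed demo directory standing in for /etc/init.d are assumptions.

```shell
#!/usr/bin/env bash
# Added example: detect files added to, changed in, or removed from a script
# directory (for instance /etc/init.d) since a recorded baseline.

# Print a sorted "sha256  ./path" manifest of every regular file under $1.
make_baseline() {
    ( cd "$1" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum )
}

# Compare directory $2 against the manifest file $1.
# Prints one line per difference: "ADDED|CHANGED|REMOVED ./path".
compare_to_baseline() {
    local baseline="$1" dir="$2" current
    current=$(mktemp)
    make_baseline "$dir" > "$current"
    awk '
        # sha256sum prints 64 hex digits and two separator characters,
        # so the path starts at column 67.
        FILENAME == ARGV[1] { old[substr($0, 67)] = $1; next }
        {
            path = substr($0, 67); seen[path] = 1
            if (!(path in old))       print "ADDED " path
            else if (old[path] != $1) print "CHANGED " path
        }
        END { for (p in old) if (!(p in seen)) print "REMOVED " p }
    ' "$baseline" "$current" | sort
    rm -f "$current"
}

# Demonstration on a constructed directory (stand-in for /etc/init.d).
demo() {
    local d b
    d=$(mktemp -d); b=$(mktemp)
    printf '#!/bin/sh\necho cron\n' > "$d/cron"
    printf '#!/bin/sh\necho ssh\n'  > "$d/ssh"
    make_baseline "$d" > "$b"
    printf '#!/bin/sh\necho extra\n' > "$d/extra"      # a script slipped in
    printf '#!/bin/sh\necho ssh changed\n' > "$d/ssh"  # an existing one edited
    rm "$d/cron"                                       # and one removed
    compare_to_baseline "$b" "$d"
    rm -rf "$d" "$b"
}

demo
```

The manifest is only useful if it is kept somewhere that a process with root on the same machine cannot rewrite. On Debian-based systems, `dpkg -S /etc/init.d/<name>` additionally reports which installed package, if any, owns a given script.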

Re: clamav - "you cannot be serious"

Post by viking777 »

I decided to carry out a little experiment this afternoon: I virus-checked my /home folder first with clamtk and then with clamscan from a terminal. The results were interesting.

Clamtk took 7 minutes to scan the folder, during which time it scanned around 6500 files; more importantly, during that time my CPU temperature increased by 30°C.

Clamscan (from a terminal) took 4m25s to scan the same folder, during which time it scanned around 8500 files, and the maximum CPU temperature increase was 20°C (although that was only transitory; for the most part it was only 15°C).

I am not a command line fan in the least, but those are quite striking results in favour of the command line solution.

Re: clamav - "you cannot be serious"

Post by deleted »

viking777 wrote: Finally, you overlook the most significant source of viruses, which is of course web sites. You don't have to be on <violates forum rules> sites or warez sites; only yesterday, my wife (who uses Windows) was reading a site about fire safety when her antivirus program alerted her to the fact that she was about to be infected by a trojan. Now the likelihood is that the trojan concerned would not do much on a Linux system, it probably couldn't even run, but on a Windows system it would be potentially devastating. This is where the largest threat comes from and although it is still a largely insignificant threat to Linux at the moment, it will not remain that way for ever, that is guaranteed.

This wouldn't affect Linux. You'd have to enable the executable bit.

1) If it's a public repository (like Debian or Ubuntu), then the whole community would be screaming and would effectively get rid of it (before clamav gets wind of it).
2) The number of scripts shouldn't matter. Do you know how many DLLs are in Windows ;)
3) You don't log in as root, you sudo, which assumes that you really know what you're doing instead of inadvertently running a script.

-Hinto