Thread: Hypothetical Linux Malware Question.

  1. #11
    Join Date
    Jul 2008
    Location
    The Left Coast of the USA
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: Hypothetical Linux Malware Question.

    Be careful of the term "virus". Viruses, as they exist in Windows, are generally foreign to Linux except for very few proofs of concept. That does NOT mean there will never be one and it does NOT mean there are no forms of Linux malware. There certainly are malware exploits that target Linux. So what would you be using real-time protections against?

    As far as requiring the use of approved packages, such draconian rules would not be well received.

    You haven't opened a can of worms. If there ever was one, it has long since been opened. This topic has become one of the most recurrent of recurrent discussions and this thread will shortly be joining its comrades in the "Recurring Discussions" forum.
    Please read The Forum Rules and The Forum Posting Guidelines
    My Blog
    A thing discovered and kept to oneself must be discovered time and again by others. A thing discovered and shared with others need be discovered only the once.
    This universe is crazy. I'm going back to my own.

  2. #12
    Join Date
    Sep 2013
    Beans
    1

    Re: Hypothetical Linux Malware Question.

    Is it unrealistic to not allow users to run anything as root from outside of the official repositories?

    It's what iOS does and as far as I know it's extremely secure (especially in terms of potential attacks). If you want to install a foreign .deb file (etc.), Ubuntu can resolve its dependencies from its own repositories but only allow the new program to go in a non-system folder and to never have root privileges (or raised by sudo etc.).

  3. #13
    Join Date
    Jul 2008
    Location
    The Left Coast of the USA
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: Hypothetical Linux Malware Question.

    Yes, it is unrealistic. Most Linux users want to be able to, and should be allowed to, install whatever they please on their systems.

  4. #14
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    4,415

    Re: Hypothetical Linux Malware Question.

    Quote: Originally Posted by mike_smith2
    if a piece of software convinces the user it's safe and something they want to install and give root privileges to is there anything stopping it doing whatever it wants?
    If you were silly enough to give it root? Then it has full access to all system resources.

    Of course, that particular question is a bit like asking "If I drive the wrong way down a busy street at night with my lights off and swerve a lot, might I get into a crash?" The question has assumed away layers of safeguards intended to prevent precisely that sort of issue.

    The other half of the question, somehow "requiring" users to use the Ubuntu repositories (why wouldn't you? It's so much easier!) is both unnecessarily restrictive, and ineffective...those same dunces will happily follow different instructions to compromise their system some other way. Like a bootable media with malware.
    Last edited by ian-weisser; September 22nd, 2013 at 02:40 AM.

  5. #15
    Join Date
    Nov 2011
    Beans
    2,336
    Distro
    Ubuntu

    Re: Hypothetical Linux Malware Question.

    Quote: Originally Posted by mike_smith2
    I understand that Linux is significantly more secure than Windows in many ways.

    But if a piece of software convinces the user it's safe and something they want to install and give root privileges to is there anything stopping it doing whatever it wants? For example deleting/modifying system folders, reconfiguring grub, deleting partition table etc?

    I'm not trying to scaremonger, just a question I've thought about for a while.
    Give something root privileges and it can do what it wants.

  6. #16
    Join Date
    Nov 2008
    Location
    S.H.I.E.L.D. 6-1-6
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Hypothetical Linux Malware Question.

    Moved to reoccurring discussions.
    Don't waste your energy trying to change opinions ... Do your thing, and don't care if they like it.

  7. #17
    Join Date
    Sep 2013
    Beans
    1

    Re: Hypothetical Linux Malware Question.

    Quote: Originally Posted by ian-weisser
    Of course, that particular question is a bit like asking "If I drive the wrong way down a busy street at night with my lights off and swerve a lot, might I get into a crash?" The question has assumed away layers of safeguards intended to prevent precisely that sort of issue.
    I think that's an exaggeration. If a piece of software had a safe, legitimate-looking website, with a nice domain name, promoted as version 2.01.8 as if it's been a staple of Linux for the past 5 years, and it promoted itself as a legitimately useful piece of software, a lot of people would give it sudo/root privileges to at least install it in the 1st place.

    Quote: Originally Posted by ian-weisser
    The other half of the question, somehow "requiring" users to use the Ubuntu repositories (why wouldn't you? It's so much easier!) is both unnecessarily restrictive, and ineffective...those same dunces will happily follow different instructions to compromise their system some other way. Like a bootable media with malware.
    That is why I made the suggestion in the 1st place. I think the Ubuntu repository is near perfect and wouldn't restrict users much at all. I think limiting non-repository software to non-root/sudo privileges is a good compromise.

    If Linux was to go mainstream it would have to adopt either Antivirus or an app ecosystem that requires software to be OK'd by the community if it wants root privileges. The majority of everyday Windows users are idiots, you would need to put some safeguard in place. Is that an unreasonable comment?

  8. #18
    Join Date
    Mar 2009
    Beans
    1,745

    Re: Hypothetical Linux Malware Question.

    Quote: Originally Posted by mike_smith2
    I understand that Linux is significantly more secure than Windows in many ways.

    But if a piece of software convinces the user it's safe and something they want to install and give root privileges to is there anything stopping it doing whatever it wants? For example deleting/modifying system folders, reconfiguring grub, deleting partition table etc?

    I'm not trying to scaremonger, just a question I've thought about for a while.
    There is absolutely nothing to stop the malware in that case.

    There are lots of ways in which malware can be injected into the system, and most people ignore them. Generally speaking, Linux is strong in areas where Windows is weak. That doesn't mean Linux is inherently safe.

    In your example, this is an operator error. Root user has much more power than any Administrator in Windows, or let's say there are fewer checks to limit its privileges or to ensure that the task being executed is rational or safe for the system. If you have an installer run and you give it your password for a sudo, then it's running as root.

    https://wiki.ubuntu.com/BasicSecurity

  9. #19
    Join Date
    Mar 2009
    Beans
    1,745

    Re: Hypothetical Linux Malware Question.

    I have lots of software on my *buntu systems that isn't in the repository. Oracle Java, grails, Oracle database, X-plane, Sublime Text 2, VMware, GGTS, the list goes on. Basically if it's non-free then it's not in the repo, or at least not directly.

    To flip that idea over on its other side, if *buntu decided to limit all software to be what's in the repository, all of my *buntu systems would suddenly become some other distro. There would not be a single one left.

    To go a little step closer to home, how do you think software which is not in the repo gets into the repo? Somebody downloads it from a source that's not in the repository, compiles it or installs a binary, and then puts it in the repo.
    Last edited by 1clue; September 22nd, 2013 at 05:09 AM.

  10. #20
    Join Date
    Sep 2013
    Beans
    1

    Re: Hypothetical Linux Malware Question.

    Quote: Originally Posted by 1clue
    There is absolutely nothing to stop the malware in that case
    That's not true. If non-repository software could never become root (except for resolving dependencies using packages from official repositories) that would stop that.

    So could (not necessarily) a real-time malware scanner/software blacklist. I far prefer the above idea but perhaps some sort of minimal blacklist could be implemented.
