Hans van der Merwe wrote: > On Tue, 2007-08-07 at 10:40 +0200, Clayton wrote: > >> On 8/7/07, Registration Account <[EMAIL PROTECTED]> wrote: >> >>> As you know clamAV provides NO realtime virus detection >>> and from time to time we all need to execute a clamscan >>> - Well I just performed a clamscan and found 4 folder >>> which a year or so stored and catagorised emails and >>> all 4 folders were infected with >>> Phishing.Heuristics.emal.spoofedDomain virus's. As >>> almost all emails are held in mbox format I would >>> suggest everyone to run a scan periodically. Remember >>> clamAV provides NO repeat NO real time protection, even >>> if you copy them to a MS Windows or NSF drive or open >>> an infected file or execute an infected .bin file >>> >> But... that isn't a Linux virus is it? That is an email with stuff in >> it that is only "triggered" when you respond to the contents... (click >> on link, provide personal information in a reply etc) ie.. it is a >> social engineering virus, not a Linux virus. >> >> >> C >> > > On this subject. > > If/When Linux makes it big-time on the desktop do you think it will also > be bogged down with virus attacks as MS is now. > > Why is it assumed that Linux is less prone to virus attacks? I know to > install stuff in the system, root is necessary, but installing and > running dangerous stuff in the user home directories is easy; you just > need a cunning app to fool the user in executing malicious code. > (given, doing this in Win is easier, but not impossible in any flavour > Linux) > >
In order for it to run, someone has to make it executable first. If that is not done, a virus is incapable of doing anything. Then even if it manages to run, it can only affect whatever the user has permissions for and nothing else. Further, there were many bad design decisions in MS software, that leave it wide open for abuse. A famous example of this is how IE is built into the kernel. The sole reason for this is because in the Netscape vs MS trial, MS said IE couldn't be removed as it was part of the OS. Next version of Windows, it was mixed in with the OS, when it previously had been just an app. This means that any malware that affects IE has the run of the system. At a time when good software engineering dictated modularizing, MS was going the other way. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
