ubuntu-devel@lists.ubuntu.com

Re: Ubuntu blues

Subject: Re: Ubuntu blues
From: Dmitriy Kropivnitskiy
Date: Thu, 09 Dec 2004 20:28:37 -0500
On Fri, 2004-12-10 at 01:09 +0000, Martin Alderson wrote:
> 1) We will get viruses still. Viruses can very easily live in
> userspace. Therefore, Linux offers no extra protection. In fact, it
> probably offers less due to the huge array of programming languages
> (python, perl, php, bash etc etc) that it offers straight away. This
> means lots and lots of filetypes to exploit.
> 
> 2) Spyware, again, is a userspace thing and therefore can very easily
> happen. I could write you a Firefox extension that you could install
> and it would pop up with a random advertiser every 5 seconds.

I think there is a bit of confusion here. Most Windows worms, spyware
and viri are user-space programs, as opposed to kernel-space programs
such as kernel modules. The reason Linux will never have as many
exploits as Windows is the weak separation of privileges Windows has.
Almost anything that has to do something useful runs with administrator
access, and therefore potentially will yield administrator access to an
attacker. On a properly configured desktop Linux system, only a few key
processes run as root and not one of them is actually listening on the
network (at least not on a public interface) and even out of those half
is running as root more by tradition. This is the main reason why
Linux is more difficult to exploit. Also, by doing senseless integration
and over-friendliness MS hid from the user a lot of things that the user
actually has to know, whether he/she wants it or not (such as a file
extension). This is another thing that makes Windows a better platform
to exploit. Hopefully by the time Linux desktop will start actually
making it, SELinux will become more mature and standard, and it will
become impossible even for a user process to do anything it was not
designed to do.


-- 
ubuntu-devel mailing list
ubuntu-devel@xxxxxxxxxxxxxxxx
http://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
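
The message's claim that no root process listens on a public interface can be checked on a given machine. The following is an added example, not part of the original message: it parses the /proc/net/tcp table and reports LISTEN sockets owned by uid 0 that are bound off loopback. It assumes IPv4 only and a little-endian host; the sample table and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002 1 0000000000000000 100 0 0 10 0
   2: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 100 0 0 10 0
   3: 0A01A8C0:0016 0501A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 11004 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # socket state code the kernel prints for LISTEN


def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (IPv4Address, port); assumes a little-endian host."""
    addr_hex, port_hex = field.split(":")
    # The address is printed in host byte order, so reverse it to network order.
    addr = ipaddress.IPv4Address(bytes.fromhex(addr_hex)[::-1])
    return addr, int(port_hex, 16)


def root_public_listeners(table_text):
    """Return (address, port) for LISTEN sockets owned by uid 0 and bound off loopback."""
    found = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10:
            continue  # blank or truncated row
        addr, port = decode_endpoint(cols[1])
        state, uid = int(cols[3], 16), int(cols[7])
        if state == TCP_LISTEN and uid == 0 and not addr.is_loopback:
            found.append((str(addr), port))
    return found


if __name__ == "__main__":
    # On a live system, pass open("/proc/net/tcp").read() instead of the sample.
    for addr, port in root_public_listeners(SAMPLE_PROC_NET_TCP):
        print(f"root-owned listener on {addr}:{port}")
```

A wildcard bind (0.0.0.0) is reported because it accepts connections on every interface, public ones included.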
