Virus & Antivirus in Linux - Part 1
All windows users would have heard about computer virus and anti-virus software’s and the first thing they do is install a anti-virus software in their computer. Often, the buzz in the Windows security world is about which protection-for-profit firm was the first to discover and offer protection for the malware.
If a rogue program gets in your windows machine, the time and money you have to invest to remove those malwares not only helps to reinforce the notion that you have to have malware protection, but that it has to be the right protection, too. The security firms are aware of this and they play on hte security fears of the end-user in their advertising. The huge amount of malware available for windows and the way windows user permissions works has conditioned Windows users to accept this security tax.
It is no wonder when Windows users who are finally convinced to try Linux are in disbelief when I tell them to lay that burden down. The first question they all ask is whether Linux is virus proof and is it true that it doesn't need an Anti-virus software? My answer to that question is no. Linux is not virus proof, but the way user permission are played out and considering the number of malwares available for Linux, the role played by the Anti-virus software is negligible and downplayed in a Linux environment.
User Permission On Linux
Linux implements a multi-user environment where users are granted specific privileges, due to this, to gain control over a Linux system or cause any serious damages to the system itself, the malware would have to gain root access to the system. To be clear just remember permissions on Linux are universal. They cover three things you can do with files: read, write, and execute. Not only that, they come in three levels: for the root user, for the individual user who is signed in, and for the rest of the world. By default system files can only be accessed as root user, while a normal user can have permission to read, write and execute his files alone and others can access or read the users file only if the user have given permission for them to do so. Normally in a Linux environment no user is given root permission to access system files. Because of this a malware needs root permission to have an impact on the system as a whole.
Virus In Linux Environment
No, virus are environment dependent and they have limited life time. Like any biological entity, a computer virus needs to spread(reproduce) before it dies to successfully cause an outbreak. Due to the hostile nature in Linux, a virus life is short and dies before it can cause any significant damages. Also due to the difference between the binary/executable files between Windows and Linux, Windows virus has no impact on a Linux machine, and virus writers have to spend significant amount of time to create a Linux virus that can survive the hostile environment of Linux. Because of this only a couple hundred of Linux viruses are in the open (Windows has over a million malwares) and those available too have problems in taking control of an entire system.
Some malware programs require that you open an attachment. Others don't even require that user error. On Linux, there is built-in protection against such craft. Newly deposited files from your email client or Web browser are not given execute privileges. Cleverly renaming executable files as something else doesn't matter, because Linux and its applications don't depend on file extensions to identify the properties of a file, so they won't mistakenly execute malware as they interact with it. Due to this only users who tries to execute all the programs as root are those who likely get a malware to control the system. But fortunately most of the Linux users are either geeks who know what they are doing or those who even don't know how to execute a program as root. This also makes Linux a place for a virus.
Another thing to note is the software repositories used by Linux. These repositories contain all the software’s that can run in Linux and are maintained by Open Source communities and are often checked thoroughly for malware. Also most of the Linux programs or software’s are available as open-source, meaning the source code is available and the executable can be compiled and installed, thus further reducing any chance of malware.
So, Is Linux Virus Proof?
No. But the number of viruses and the damage they can make are insignificant. Linux users, like users on every operating system, must always be aware of security issues. They must act intelligently to keep their systems safe and secure. They should not run programs with root privileges when they are not required, and they should apply security patches regularly.
I will cover about the different types of Linux malware, that you should be aware in part 2 of this article.