Linux virus (was RE: [plug] Windows Briefing)

Christian christian at global.net.au
Sun Jun 13 10:10:36 WST 1999


Greg Mildenhall wrote:
> 
> On Wed, 3 Jan 1996, Trevor Phillips wrote:
> > Matt Kemner wrote:
> > > Sure it is possible for someone to write a Linux virus, and it can destroy
> > Oh? How often do we run things as root?? How do we know a "configure" or
> > "install" script we run doesn't tweak something in the system if run as
> > root?
> Because the source code is available.

(Addendum: I never run configure as root.  Only su to root when I need
to run the 'make install'.  I suspect I'm not alone in this.)

> > How do we know that cute li'l util or app we compiled and run
> > doesn't do things other than advertised?
> Because the source code is available.
> 
> > Do we have to read the entire source and setup scripts to locate
> > malicious commands??
> No. Someone has already done that. A typical Free Software project will
> have multiple authors of the original code, and two or three packagers who
> will have looked over the code, then a number of interested users.
> If it runs as root, triple the estimate of people who have read the
> source.
> 
> > I suspect the lack of such "viruses" (more trojans...) is due to the
> > fact you know whose responsible for the code (in most cases)...
> Well, perhaps even more of a factor is that you can prove that the
> software is doing what it is doing.

To be irritatingly pedantic, having the source code doesn't actually
give you any sort of true verification of what the software does.  Ken
Thompsons paper "Reflections on Trusting Trust" explains why.

Of course, in most ordinary, real-world situations you're completely
right - having the source code does allow you to say with a great deal
of certainty that the software doesn't contain any nasty, additional
"features".

Regards,

Christian.

-- 
If the human brain were so simple that we could understand it,
we would be so simple we couldn't.


More information about the plug mailing list