
How to write a Linux virus in 5 easy steps - Anon84
http://www.geekzone.co.nz/blog.asp?postid=6229
======
yalurker
Lame. His entire premise is a user manually executing code from a malicious
source. He asked the fedora team about his article and they said it was
"well-known and expected behavior" and I agree.

I might as well claim I can spread linux viruses on Hacker News by telling
everyone to open a shell and type "rm -r ~" or "sudo rm -r /*".

~~~
Harkins
This is, however, exactly how millions of Windows machines have wound up in
botnets. It's a serious attack vector.

~~~
gaius
Quite, and this is further evidence of how very far from prime-time Linux is,
when you have to _just pray_ that users "know" not to open innocent-looking
attachments sent from familiar addresses. Anyone who sneers "but I use pine!"
has completely missed the point of this article.

~~~
rbanffy
At least for now, Linux can feel comfortable its users are a whole lot smarter
than their average Windows counterparts...

Maybe in Windows it's common behavior to download a program that says it
installs something you want and run it with administrative privileges. Not so
in any Linux I know.

~~~
gaius
It can assume that its users know more about PC operating systems _but that's
all_. That is not really correlated with intelligence.

------
tsally
A far more relevant Linux security flaw about how easy it is to set up a
malicious mirror:
[http://www.cs.arizona.edu/people/justin/packagemanagersecuri...](http://www.cs.arizona.edu/people/justin/packagemanagersecurity/attacks-on-package-managers.html)

The "virus" in this article is a bit trivial, as other users have pointed out.

------
anthony_barker
This guy makes a lot of claims without any details. These would be better
classified as gnome or kde viruses. I actually think finding a buffer overflow
on Pidgin or another gnome c application that accepts inbound traffic might be
more effective for writing viruses.

- That said, some security around ~/.config/autostart wouldn't be a bad idea.

~~~
jgfoot
My pick would be the Flash plugin.

------
amjith
The virus idea proposed in this article relies heavily on the user being dumb.
But the last item in his article about getting the root access, was quite
scary.

Using gksu to trick the user into typing the root passwd or the sudo passwd to
execute a malicious script is a real threat.

------
DannoHung
Makes me think it might make sense to have a configuration user and a
"runtime" user. Any application that asks you to make a change to your
configurations when you don't expect it to can be considered suspect.

------
dougp
The article basically points out that KDE and gnome both provide convenience
methods in launchers that can be used for nefarious purposes and compromise
the security that the execution bit provides.
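
An added example, not part of the thread or the linked article: a Python audit of an autostart directory such as the `~/.config/autostart` mentioned above, listing each launcher's command and flagging entries worth a closer look. The interpreter watch-list, the flag names and the two sample launchers are assumptions constructed for illustration.

```python
import os
import shlex
import stat
import tempfile
from pathlib import Path

INTERPRETERS = {"sh", "bash", "dash", "python", "python3", "perl", "ruby"}  # assumed watch-list

def parse_desktop_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group only."""
    entry, in_group = {}, False
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        elif in_group and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry

def audit_autostart(directory):
    """List every launcher in `directory` with its command and review flags."""
    findings = []
    for path in sorted(Path(directory).glob("*.desktop")):
        command = parse_desktop_entry(path.read_text(errors="replace")).get("Exec", "")
        try:
            argv = shlex.split(command)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            argv = command.split()
        flags = []
        if not path.stat().st_mode & stat.S_IXUSR:
            flags.append("launcher-not-executable")  # no exec bit on the launcher itself
        if argv and os.path.basename(argv[0]) in INTERPRETERS:
            flags.append("runs-interpreter")
        if any(a.startswith(("/tmp/", "/home/", "~")) for a in argv):
            flags.append("target-in-home-or-tmp")
        findings.append({"file": path.name, "exec": command, "flags": flags})
    return findings

def demo():
    """Audit two constructed launchers written to a throwaway directory."""
    samples = {  # constructed sample input: name -> (Exec line, file mode)
        "clock.desktop": ("/usr/bin/clock %U", 0o755),
        "updater.desktop": ("sh /tmp/update.sh", 0o644),
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, (command, mode) in samples.items():
            path = Path(tmp, name)
            path.write_text(f"[Desktop Entry]\nType=Application\nName={name}\nExec={command}\n")
            path.chmod(mode)
        return audit_autostart(tmp)
```

To review a real account, call `audit_autostart(os.path.expanduser("~/.config/autostart"))` and read every `exec` value, flagged or not.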

