Alan Cox wrote:
> So yes its possible. I suspect mathematically you can prove formally that
> any turing complete system is virus vulnerable.
The single most important thing about the effectiveness of a virus is
its ability to spread itself.
A deadly biological virus may exist, but will die out if it cannot
spread to other hosts before affecting (or killing) the original host.
Computer viruses are the same. If it cannot spread to enough computers,
it too will die out.
Linux (and Unix in general) is built in such a way that virus
replication is not quick enough for the virus to spread. This is caused
by the fact that very few people run untrusted binaries on their
machines, and even if they do far fewer run those binaries as root.
Because 99% of binaries on the machine are not writable by a typical
user, the virus cannot infect anything, and dies right there.
Another reason for this is the fact that the vast majority of software
for Unix has a free alternative. This means that instead of pirating
software, warez being a common vehicle for viruses in the PC world, a
Unix user will use the free alternative from a trusted source.
A further reason for the difficulty of virus spread in Unix is the
difficulty in hiding a process like a virus. On a PC, a virus can hook
into interrupts, and basically make itself invisible to someone using
standard tools. A Unix virus would show up in a ps listing, even under a
incongrous name it is still visible to an alert administrator,
especially if the process runs as the user who infected the machine.
In short, the above factors make a virus population under Unix converge
to zero, rather than diverge to a large number, as is the case under
less strict OS's, like DOS, Windows, etc.
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
VWV Interactive over Bourbon Street
tonight...
S/MIME Cryptographic Signature
