To edit the page, the password is go
From - Sat Nov 20 22:34:52 2004 X-Original-To: linux-elitists@zgp.org Delivered-To: linux-elitists@zgp.org From: Mike MacCana <mmaccana> To: linux-elitists@zgp.org Subject: [linux-elitists] Comprehensive list of Linux malware List-Subscribe: <http://zgp.org/mailman/listinfo/linux-elitists>, <mailto:linux-elitists-request@zgp.org?subject=subscribe> There doesn't seem to a full summary of the default options in Linux that make it more secure than Windows. So Here's One Mike Prepared Earlier. Discuss (like you needed instructions), and grab it if you want, its public domain (maybe Rick feels like incorporating it into his site). - Default file permissions in Linux do not allow new executable files In Windows, ACLs are inherited from the users Documents and Settings directory, which, in the default install, gives execute on all objects created within it. Default file permissions in Linux (which are generally inherited from the user) do not allow new executable files, regardless of the users default permission (umask). - File types based on executable, not file name in Linux. This makes it harder to have an app with content of one type and a file extension of another - used in some exploits. - Executable files don't get to set their own icons. Only launchers do, in both Gnome and KDE. This makes it hard for an executable to use the same icon as, say, a JPEG file. - Executable files not used to package software Legitamite software is supplied as a package file that only needs to be read by an existing, trusted executable installation app (ie, up2date, apt-get). Hence users are not in the habit of making files executable. Some applications (such as up2date) refuse to install packages that haven't been signed by someone trusted by the user (trusting means explicitly importing that persons public key). It may be possible to have a non executable MSI file - though almost all the Windows software I get is distributed as .exes. Any Windows admins wanna help out? - Better default filesystem ACLs Filesystem ACLs in Linux restrict more. In the default install of Windows 2000, it's possible for a non administrative user to save a file as explorer.exe in C:\ and have it executed by all users upon login. Of course, Windows 2000 isn't the current MS operating system, but it its only four years old. - Better vendor security culture Years ago, Microsoft's security reputation was atrocious: for example, Exchange 5.5 shipped as an open relay by default, with no way to turn this behaviour off untill Service Pack 3 was released. But at least 5.5 customers got a service pack: Exchange 5.0, to this day, has no way to stop it being an open relay. Customers who paid for 5.0 were forced to pay for 5.5 for relay control. Now they're just not particularly good: Windows XP Service Pack 2's fiewall leaves (IIRC) around 7 ports open by default, including those used by some of the major Windows worms (slapper IIRC, but the register.co.uks search feature is making it hard for me to find the article). A default Fedora or RHEL install leaves apps listening on zero ports (or one if you use a dhcp client). Other modern distros likely do the same. - Windows encourages desktop logon as administrative users The default install of Windows creates one user whose a members of the local administrators group. As a result, its common practice to log onto a Windows box as such a user and run all apps, even non-adminsitrative apps, as a high priveleged user, ignoring the Run As option (even more so in Windows 2000, as its kind of hidden - you have to shift right click an executable). This means people browse the web as Administrator. Linux distros create a non root user in the default install and suggest users log in as this user. On the command line, users can use sudo or su to switch users, graphical admin apps (that aren't shit) will simply prompt for the root password when launched. Mike