LinuxSir.cn, Linuxsir traveling through time!

Thread starter: linyin

[Security Technology] Can someone explain why Unix-like/Unix systems are not easily infected by viruses

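Posted on 2005-9-22 01:02:43
I remember hearing a CCIE say that the secure system Cisco advocates is a defense-in-depth system: roughly, layer upon layer of defense rather than relying on a single technical component to protect the whole system. There is also a saying that security is not only a technical problem but, even more, a management problem.

Personally I think UNIX/Linux follows this idea: even if you get my user password, so what, you still cannot mount a fatal attack on the system, and even if a virus gets into the system it cannot run automatically (only root can modify those things). There are also usage habits and so on. Typical Windows users do not pay much attention to what bad things web pages or programs may be doing in the background; they only care whether their system is still running normally. After using Linux you develop a habit of checking everything, and generally a mindset of killing on sight programs of unknown origin such as 3721 and its like.

Windows' implementation, on the other hand, to some extent makes it convenient for viruses to run automatically, and in Windows' kind of multi-user setup the concept of user permissions basically does not exist. An ordinary user cannot even run a program, and file access is limited to My Document. So people generally do their everyday work as administrator. Working as administrator, if a virus gets into the system and manages to start automatically, then as long as it hides well it can do almost anything to the system, such as copying itself, writing to the registry, and so on.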

Posted on 2005-9-22 14:12:36
http://www.lannetlinux.com/mgr_guide/Manager's-Guide-to-Linux.html#Virus-proofdesign
"Virus-proof" design

Boot-sector and file viruses have historically been known only in the PC world. Higher-end systems like Unix have two clearly demarcated privilege levels -- call them "user" and "system". A normal user, or a program owned by a normal user, has no privilege to delete system files or files belonging to other users, because such actions require "system" privileges. The administrator of a Unix system, or "super-user", is the only one with system privileges. Therefore, normal users of Unix have limited ability to cause damage to their systems by importing suspect files from elsewhere. That is why we never hear of Unix viruses. (We sometimes hear of Unix "worms", programs that choke systems by replicating themselves endlessly and filling up storage, even if they have no privilege to actually delete or corrupt files. Worms are not as destructive as viruses, and can also be blocked with a little diligence.)

All said, Linux, like Unix, can be considered relatively "virus-proof" compared to the "lightweight" operating systems -- MS-DOS, Windows 3.1, Windows 95, Windows 98 and the Macintosh. The deadly Chernobyl virus that irrevocably damaged hundreds of thousands of Windows 95/98 PCs around the world on April 26th left Linux machines unaffected. (The Mac is affected by a different, but no less deadly, set of viruses. Examples of Mac viruses are INIT-29 and Autostart 9805.)

Windows NT, like Unix, has separate "user" and "system" privilege levels, so NT is in theory as virus-proof as any version of Unix. However, Windows applications, even on NT, are vulnerable to a new kind of virus, the "macro virus", that spreads through e-mail attachments and infects Word and Excel documents. "Melissa" is one such macro virus that was recently in the news.

Computer users whose experience is limited to Windows PCs and Macintoshes could be excused for thinking that viruses are an inescapable part of life with computers. It should be pleasant news to them that there exist operating systems that are inherently resistant to viruses because of a better security design -- Unix, Linux, and to a lesser degree, Windows NT.

Though Linux at present enjoys a virus-proof reputation, it has largely escaped the attention of virus writers because of its limited market presence compared to the ubiquity of Windows computers. As Linux gets more popular, viruses targeting it will certainly appear. A Linux virus could result in careless users losing their own files, even if system files and the files of other users are unaffected. Personal computer owners should be particularly careful not to log into their systems as the super-user for anything but system administration tasks. Inadvertently downloading viruses while logged in as the super-user can result in wholesale damage just like on a Windows PC.

Moreover, the addition of macro-like programming features to the free Gnumeric spreadsheet program is cause for concern. The developers claim that Gnumeric allows only trusted code to execute in a spreadsheet, and that a Melissa-type attack will not be possible. Unless backed up by a public-key infrastructure that authenticates external code, it is not easy to see how imported spreadsheets with useful macros can be viewed without danger.

So using Linux today certainly puts you in a more comfortable position with respect to virus protection, but there is no place for complacency. Eternal vigilance is the price of freedom.

Posted on 2005-9-22 20:49:43
The analysis is fairly comprehensive, though it lacks some deeper technical details.
Add my first reply and it is complete, heh.

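Posted on 2005-9-22 20:49:47
The targets they are developed for are different; it is not that infection is hard. Many worms targeting Unix are far nastier than those on Win.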

Posted on 2005-9-22 20:58:19
e.g.? analysis?

The first widespread worm in the world, known as the Morris Worm, was in fact a UNIX worm.
However, few UNIX worms since then could draw people's attention.
http://en.wikipedia.org/wiki/Morris_worm

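Posted on 2005-9-23 13:57:57
Being the tall tree that catches the wind, plus foolproof point-and-click operation, is why Windows is easily infected by viruses.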

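Posted on 2005-10-10 16:33:13
Post by wangzhanf
Being the tall tree that catches the wind, plus foolproof point-and-click operation, is why Windows is easily infected by viruses.

That is also a goal of Linux.
Doesn't some version of Linux have vulnerabilities? Why does nobody attack it? Is it that there are too few compromised Linux machines, so they are hard to find?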

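Posted on 2005-10-10 19:07:08
Linux has plenty of vulnerabilities.
Go take a look at www.lwn.net when you have time.
From the kernel to the libraries to application software.
But basically each one gets patched as soon as it comes out.
By the time you have written an attack program, they may well have patched it already.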