Why Linux is Virus Free

It’s a question worth asking, because Linux only stays resistant to malicious software if you know why it is resistant. User knowledge is very much a part of it, but Linux makes it so that a little knowledge lets you limit your risk considerably. So, why is it?

The simplest reason, and the most effective one, is that most viruses aren’t written for Linux. It has a high percentage of skilled users and a low percentage of the total number of boxes out there, so targeting it is just not that efficient. This is typically the answer you hear Windows users spouting.

The real reason, and the more complicated one, is that even if people did write viruses for Linux, they would have a limited effect, and if they didn’t have a limited effect, they would likely be found by other people.

See, the way Linux/Unix works is that you have user accounts which control your access to the system. Typically, a user is allowed to read and execute most other files on the system, but can’t write to anything other than their own files. This prevents them from doing things like modifying executables, changing important configuration files, or generally doing the things that would be very useful if you were going to take over a computer.

So, while under a user account, the worst thing that a virus could do would be to steal information, destroy your personal files or fill up your hard drive/home partition. Your computer would remain largely untouched, and you could always just create a new user (although your files would miss you). There are also ways to keep most of these things from affecting you.

In addition, in order for a virus to affect you, it would not only have to be targeted at “Linux” (which is a very broad category really), but it would have to be targeted at a very specific vulnerability in a specific program in a specific version that YOU USE. Basically, since executable code isn’t just flowing about in user-controlled ways, any virus is going to have to find a way to hitchhike on another process, which requires there to be a security vulnerability on your system, and for the virus to know about it. Then it has to know what to do with your computer once it’s there. The combination of factors makes it very difficult for any sort of mass market for a virus to exist, even within the Linux community.

Now, in order for a virus to REALLY have any effect, it has to be executed by root. Root can pretty much do whatever it wants. It’s kind of like being on a Windows machine, only you can literally rewrite the machine, and the entire operating system, partition table, and every file on the computer while it’s still running. Windows probably would let you do most of that too if you tried it directly, but if you did it would get really confused.

However, in order for malicious software to run as root, you... well... have to run it. When you’ve got things like rpm databases, Debian/Ubuntu’s apt-get system, Gentoo’s Portage, etc., you’ve got maintainers who are basically making sure that everything that gets onto your system is supposed to be there, and isn’t actively trying to hurt you. They’re aided in this task tremendously by the fact that almost everything you install on your system:
A) Has freely available source code, gets looked over by programmers, and any INTENTIONAL flaws in it would be very loudly and obviously pointed out.
B) Is compiled from said source code, preventing people from slipping anything else in after the fact.

In addition to that, there are also safeguards to make sure that what you’re downloading is the same as what was downloaded when the safeguard was put in place, and that no one’s tried adding anything on in the meantime since the last time everyone checked.
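
One common form of that safeguard is a recorded checksum. The shell functions below are an added example, not code from the original post or from any package manager: they record a SHA-256 manifest for a directory of downloads and later verify that nothing was modified, removed or added. The function names, the manifest layout and the use of sha256sum and find are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (constructed for illustration, not any package manager's code).
# Assumes the coreutils `sha256sum` and a POSIX `find`.

# record_manifest DIR MANIFEST
# What a maintainer would publish: one "digest  ./name" line per regular file.
# MANIFEST must live outside DIR so it does not list itself.
record_manifest() {
    dir=$1; manifest=$2
    ( cd "$dir" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2 ) \
        > "$manifest"
}

# verify_manifest DIR MANIFEST
# Returns 0 only if every recorded file is present and unchanged AND no file
# has appeared in DIR since the manifest was written.
verify_manifest() {
    dir=$1; manifest=$2

    # Step 1: recompute each digest and compare it with the recorded one.
    # This fails on modified or missing files.
    ( cd "$dir" && sha256sum -c - ) < "$manifest" >/dev/null 2>&1 || return 1

    # Step 2: the set of files on disk must equal the set in the manifest.
    # A digest check alone would not notice an extra file slipped in later.
    recorded=$(sed 's/^[0-9a-f]*  //' "$manifest" | LC_ALL=C sort)
    present=$(cd "$dir" && find . -type f -print | LC_ALL=C sort)
    [ "$recorded" = "$present" ]
}
```

A manifest only helps if it is fetched over a channel the attacker cannot also rewrite, which is why distributions sign their package indexes rather than relying on a bare checksum file.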

In short: Linux is virus free because you wouldn’t use it to run viruses.
