| 1 |
Am 23.10.2011 09:49, schrieb Mick: |
| 2 |
> On Saturday 22 Oct 2011 22:30:45 Volker Armin Hemmann wrote: |
| 3 |
>> Am Samstag 22 Oktober 2011, 18:14:32 schrieb Nikos Chantziaras: |
| 4 |
>>> On 10/22/2011 05:07 PM, Adam Carter wrote: |
| 5 |
>>>>> there aren't any Linux viruses, |
| 6 |
>>>> |
| 7 |
>>>> Except for the ones listed on the page below, which is probably |
| 8 |
>>>> incomplete. http://en.wikipedia.org/wiki/Linux_malware |
| 9 |
>>>> |
| 10 |
>>>> But yeah, on a linux desktop (especially a Gentoo one) you don't need |
| 11 |
>>>> a virus scanner. Yet. |
| 12 |
>>> |
| 13 |
>>> There are literally *millions* of Windows viruses. The Wikipedia page |
| 14 |
>>> just proves Linux has virtually no viruses, and those listed don't even |
| 15 |
>>> work anymore (exploits have been patched long ago.) Most existing Linux |
| 16 |
>>> malware targets servers (like PHP software exploits in forums, wikis, |
| 17 |
>>> etc) and desktop users don't need to worry. |
| 18 |
>>> |
| 19 |
>>> Furthermore, even if there were enough Linux viruses to worry about, |
| 20 |
>>> there isn't a good way of getting infected. On Windows, you download |
| 21 |
>>> random executables from the net. On Gentoo, you install your stuff |
| 22 |
>>> through portage. It's nearly impossible to get infected. |
| 23 |
>> |
| 24 |
>> except when someone puts up or takes over a rsync server and starts |
| 25 |
>> providing malicious ebuilds. |
| 26 |
>> |
| 27 |
>> |
| 28 |
>> Hilarious. |
| 29 |
> |
| 30 |
> Isn't that what happened back in 2003/04? I can't recall exactly but there |
| 31 |
> was some discussion where it was suggested that clients should rsync against |
| 32 |
> two different mirrors and diff the portage contents (or hashes thereof?), before |
| 33 |
> accepting the sync result. |
| 34 |
|
| 35 |
That still doesn't protect you against man-in-the-middle attacks or an |
| 36 |
attack against the CVS tree (like the recent kernel.org disaster). |
| 37 |
|
| 38 |
Signing the manifest files is really the only reasonable solution. Good |
| 39 |
thing there seems to be some progress in that direction: |
| 40 |
https://bugs.gentoo.org/show_bug.cgi?id=360363 |
| 41 |
|
| 42 |
Regards, |
| 43 |
Florian Philipp |
Archives