Does Linux Need Antivirus?

Though you’re probably less likely to find yourself riddled with malware if you’re running Linux rather than Windows, that doesn’t mean security software should be ignored entirely. ClamTK — or KlamAV, depending on which environment you use — gives your Linux PC an antimalware guard dog that goes beyond the old “security by obscurity” strategy.

Have you run a virus scan lately? Nope? Don’t need to, you say. That’s because you run a Linux OS.

Think again. To quote the title line of Bob Dylan’s third studio album, “the times they are a-changin’.”

Yes, they are. And part of that change is the greater risk of malware attacks on the Linux operating system. It used to be that Linux was so iron-clad security-wise that virus intrusions did not exist.

Used-to-be has now given way to possibly maybe. The rallying cry among security experts in the past was simply that using a Linux OS — or Mac OS X — gave you built-in security by obscurity.

Still, many operators of Linux-powered email servers for years ran Unix-based security software to ensure that contact with the Windows environment didn’t unwittingly pass along any viruses. That same strategy makes sense if you run any of the dozens of flavors of the Linux desktop.

The ClamAV Antivirus Manager (or AVG) is a good safety precaution. It comes in versions for GNOME and KDE desktop environments.

With so many of our computing activities relying on Web-based apps and cross-platform software such as browsers and word processors, this unobtrusive scanner application goes a step or two beyond the “security by obscurity” axiom.

Permissions on Linux are universal. They cover three things you can do with files: read, write, and execute. Not only that, they come in three levels: for the root user, for the individual user who is signed in, and for the rest of the world. Typically, software that can impact the system as a whole requires root privileges to run.

Some malware programs require that you open an attachment. Others don’t even require that user error. By hook or by crook, malware on Windows often gets executed, infecting the local system first, then spreading itself to others. What a terrible neighborhood. I’m glad I don’t live there.

On Linux, there is built-in protection against such craft. Newly deposited files from your email client or Web browser are not given execute privileges. Cleverly renaming executable files as something else doesn’t matter, because Linux and its applications don’t depend on file extensions to identify the properties of a file, so they won’t mistakenly execute malware as they interact with it.

Do I need an anti-virus in Linux?

Short answer: no. Here’s why:

1. Limited user account – (compare SuRun – How to run a limited account on Windows)

2. Digitally-signed repositories for system and package updates

3. umask – newly created files on Linux will never have the executable bit turned on

4. diversity – the vast, almost infinite number of permutations of kernel versions, patch levels, packaging, desktop environments, and software suites makes the Linux malware game a lottery (see why large homogeneous populations are a risk to society)

5. open source – secure by design as opposed to security by obfuscation
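
The execute-bit and file-extension points above (the paragraph on newly deposited files and the umask item in the list) can be checked from a shell. The script below is an added example, not part of the original article; the function names, file names and file contents are constructed for illustration. It saves a file the way a browser would, shows that it cannot be run and that its content is identified regardless of its name, then audits a directory for files that are both runnable content and marked executable.

```shell
# Added example: constructed file names and contents, not from the article.

# Save a file the way a browser or mail client does: plain create-and-write.
# The shell asks for mode 0666 and the umask only removes bits, so no execute
# bit can appear. The content is a harmless constructed script.
save_like_download() {    # $1 = destination path
    printf '#!/bin/sh\necho "this ran"\n' > "$1"
}

# True (exit 0) if FILE is a regular file with any execute bit set (u, g or o).
has_exec_bit() {
    [ -n "$(find "$1" -prune -type f \( -perm -100 -o -perm -010 -o -perm -001 \))" ]
}

# Identify runnable content by its leading bytes, ignoring the file name:
# "#!" (23 21) marks a script, 7f 45 4c 46 marks an ELF binary.
content_type() {
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$magic" in
        7f454c46) echo elf ;;
        2321*)    echo script ;;
        *)        echo other ;;
    esac
}

# Try to execute FILE directly and print the exit status (126 = not permitted).
exec_status() {
    rc=0
    "$1" >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

# Audit: list files under DIR that hold runnable content AND have an execute bit.
audit_downloads() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) | sort |
    while IFS= read -r f; do
        [ "$(content_type "$f")" = other ] || printf '%s\n' "${f##*/}"
    done
}

demo() {
    d=$(mktemp -d) || return 1
    save_like_download "$d/invoice.pdf"      # misleading extension, script content
    echo "type=$(content_type "$d/invoice.pdf") exec_status=$(exec_status "$d/invoice.pdf")"
    chmod +x "$d/invoice.pdf"                # the deliberate step an audit should catch
    echo "flagged: $(audit_downloads "$d")"
    rm -rf "$d"
}
demo
```

Pointing `audit_downloads` at a real download or mail-attachment directory lists only the files that someone or something has explicitly marked executable after they were saved.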

