Linux virus under admin account

Chat about Linux in general
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Locked
User avatar
Fred Barclay
Level 12
Level 12
Posts: 4185
Joined: Sat Sep 13, 2014 11:12 am
Location: USA primarily

Linux virus under admin account

Post by Fred Barclay »

Guys, first of all I know that the total number of Linux virii created is somewhere around 30, and that IIRC they were all proof-of-concept, i.e. none were actually found in the wild, but were created in the lab; and also that these may have properly been a different variety of malware than true virii, but were tagged as such due to "virus" almost being a synonym for "malware".
I also know that any Linux "virus" that would be released into the wild should effectively fizzle out in the home folder of the user, since the user (hopefully) won't be running with root privileges.
However, say the user is in an admin account--the default for Mint and LMDE. Since that user can gain root access by simply typing in their account password, what's to stop a virus from grabbing that password and using it to escalate itself to root powers, either by "sudo" or "su root". Couldn't it then reproduce throughout the system?
I'm sure I'm hardly the first to think of this, and therefore this has probably already been answered somewhere, but I can't find anything

Thanks a lot!
Fred
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Image
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein
User avatar
xenopeek
Level 25
Level 25
Posts: 29507
Joined: Wed Jul 06, 2011 3:58 am

Re: Linux virus under admin account

Post by xenopeek »

And that's why you run untrusted applications in a security sandbox :wink: Security through isolation.
Image
Locked

Return to “Chat about Linux”