20
2
I don't run an antivirus on Linux (most people don't, AFAIK) and I'm not at all concerned about any form of malware or spyware or any other_bad_ware.
Should I be concerned?
Of course I don't run as root.
23
Yes
I don't run antivirus software on my Linux boxes but that is not the only form of malware.
I do apply patches and updates as soon as they are available, especially for security-critical software (e.g. firefox, ssh, gpg). We could debate whether that is a good or a bad approach but the question here is 'should I be concerned?' ... either way we would be debating the risks because we believe there is a threat. Similarly, I only apply software and patches from repositories and sources I have some trust in.
Web-borne malware is a serious threat so I do run NoScript, for example, and avoid enabling Java and Flash handlers except on sites where I need these and have some trust.
Finally, I check non-text attachments I receive from third parties before forwarding them on to others. In most cases any malware payload would not affect me but it could affect someone I send the file on to.
5
Yes. You should worry about malware on pretty much any system.
Your concern and actions should be proportional to the risk (currently very low with Linux) but complacency is a bad idea and you should be periodically reassessing the potential threat, consequences and your response.
EDIT: The fact you point out that you don't run as root suggests that you do worry about malware (sensibly) and take sensible precautions. If you didn't worry about it you wouldn't care what you were running as...
Not running as a highly privileged user is simple best practice. That's only partly due to the risk of malware infection. The more privilege you have, the more rope with which to hang yourself. – Tim Long – 2009-07-28T23:04:45.137
I agree, I was just pointing out that by embracing such best practice even Linux users are generally behaving in a way which suggests some degree of consideration for spyware and malware. After all, if it was no risk at all running as admin would be fine. – Jon Hopkins – 2009-07-29T08:22:18.470
5
It's important to note that there are all kinds of malware that can attack a Linux computer despite its high security. Even a fully patched system with no known vulnerabilities can still be attacked.
Also, you should assume that there are always unknown security flaws in all the programs you are using. It's only a matter of time before they are found. Thus it's important that you don't let two unrelated minor vulnerabilities turn into one major one. For example, that brute-forced ssh account gives a local user access; but a newly discovered kernel bug turns that access into remote-root access.
Finally, even if the system itself is very secure; only ssh (or maybe not even ssh) is network facing, the system uses SELinux and intrusion detection systems and is fully patched and has only a minimum of software installed, etc, you still don't want your own user account messed up. Your data could be stolen or destroyed; your passwords could be sniffed using a keylogger; you could be impersonated online and other systems might be compromised; your account could be used to send spam or launch attacks; the list goes on.
There ARE Linux worms, rootkits, botnets, etc. in the wild which do these things already. As a computer owner it's your duty to do your best to keep your system clean.
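The "brute-forced ssh account" case from the answer above, as an added example that is not part of the original post: it scans sshd log lines for a password login accepted after a run of failures from the same address. The log lines are constructed samples in OpenSSH's syslog format, and the function name and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH's syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Jul 24 08:01:11 box sshd[411]: Failed password for invalid user admin from 203.0.113.9 port 40022 ssh2
Jul 24 08:01:13 box sshd[411]: Failed password for alice from 203.0.113.9 port 40022 ssh2
Jul 24 08:01:15 box sshd[413]: Failed password for alice from 203.0.113.9 port 40031 ssh2
Jul 24 08:01:18 box sshd[415]: Failed password for alice from 203.0.113.9 port 40040 ssh2
Jul 24 08:01:21 box sshd[417]: Accepted password for alice from 203.0.113.9 port 40052 ssh2
Jul 24 09:10:02 box sshd[502]: Failed password for bob from 198.51.100.7 port 51000 ssh2
Jul 24 09:10:09 box sshd[502]: Accepted password for bob from 198.51.100.7 port 51000 ssh2
Jul 24 09:30:44 box sshd[611]: Accepted publickey for carol from 192.0.2.5 port 52110 ssh2
"""

# Matches both outcomes; "invalid user " is present when the account does not exist.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_guessed_logins(log_text, threshold=3):
    """Return (ip, user, failures) for each password login accepted after
    at least `threshold` failed attempts from the same source address."""
    failures = defaultdict(int)
    hits = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        else:
            if m["method"] == "password" and failures[ip] >= threshold:
                hits.append((ip, m["user"], failures[ip]))
            failures[ip] = 0  # a success resets the streak for this source
    return hits

if __name__ == "__main__":
    for ip, user, n in find_guessed_logins(SAMPLE_LOG):
        print(f"{ip}: login as {user} accepted after {n} failures")
```

A hit means a low-privilege foothold of the kind the answer describes, so the account's password and the host's patch level both need attention.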
2
The usual answer is that you shouldn't because of the access control model that is much more followed in Unix-like systems. On Windows systems, this model also exists, but is less followed: i.e. the user of the system runs with administrator privileges.
That said, even at a user-level you may have malware that harms your account. Mostly in fishing information (banking information) or impersonating you since the malware has access to everything that you have access to.
2
Install the granddaddy of malware checkers, chkrootkit, and run it from time to time. There is little to no risk from usual viruses and spyware, though.
1
According to Wikipedia you shouldn't:
Like Unix systems, Linux implements a multi-user environment where users are granted specific privileges and there is some form of access control implemented. To gain control over a Linux system or cause any serious consequence to the system itself, the malware would have to gain root access to the system.
Edit: In response to other answers and comments. I don't say you shouldn't keep your system patched, but there are two reasons Linux is safer than Windows:
This doesn't mean you're immune to people wanting to do harm to your computer, but if you have no knowledge about these things, it's going to be hard to protect yourself against the unknown.
9 So Wikipedia is ruling out the possibility of malware fooling the user into granting root access, finding a security hole, causing damage without root access or coming up with an attack so far unconceived? With all due respect, Fail. – Jon Hopkins – 2009-07-24T08:09:21.780
Just to clarify, the fail is for Wikipedia, not you Ivo. – Jon Hopkins – 2009-07-24T08:11:32.743
@Tyrannosaurs - why not edit the article? – tomfanning – 2009-07-24T08:42:48.690
@tomfanning - added a small disclaimer, though the next couple of paragraphs already go on to talk about specific threats and suggested countermeasures. It's somewhat quoted out of context. – Jon Hopkins – 2009-07-24T09:06:55.467
Blame it on the messenger then ;-) People seem to disagree with it anyway – Ivo Flipse – 2009-07-24T09:15:23.620
@ for your kind note, Wikipedia's articles can be easily edited and we can't trust Wikipedia for this answer – BlueBerry - Vignesh4303 – 2012-08-07T15:01:32.190
3 To some extent, this applies to Mac OS X as well. – jtbandes – 2009-07-24T08:18:55.080