
Linux doesn't need an antivirus

ramez.hanna's picture

This is an essay to explain why Linux is more immune to viruses.

How do viruses infect computers?

There are basically two ways that viruses and worms propagate: social engineering and poorly designed software. Social engineering is the art of conning someone into doing something they shouldn't do, or revealing something that should be kept secret. A user receives an email that looks like it's coming from a known company (Microsoft, for example), and the body of the message informs the reader that the attached file is a critical update that should be applied immediately; or the email contains an image attachment that turns out to be an executable with an image extension, and poof, the system is infected. Poorly designed software shows up as software vulnerabilities, bugs or even insecure logic. Poorly designed software makes it easier for social engineering to take place, but such software can also subvert the efforts of a knowledgeable, security-minded individual or organization. Together, the two factors can turn a single virus incident into a widespread disaster.

Let's look further at social engineering. Windows software is either executable or not, depending on the file extension. So if a file ends with ".exe" or ".scr", it can be run as a program (yes, of course, if you change a text file's extension from ".txt" to ".exe", nothing will happen, because it's not magically an executable; I'm talking about real executable programs). It's easy to run executables in the Windows world, and users who get an email with a subject line like "Check out this wicked screensaver!" and an attachment too often click on it without thinking first, and bang! We're off to the races: a new worm has taken over their system, using it as a zombie station or, worse, messing it up from system files to personal files and maybe even killing the system totally. I've seen malware that, once executed, starts downloading more malware.

Why is Linux safer?

Some basic facts first. Permissions on Linux are universal. They cover three things you can do with files: read a file, write to a file, and execute a file. Not only that, they come in three levels: for the root user (who can do anything he likes), for the individual user who is signed in (who would only have access to files he owns), and for the rest of the world. Typically, software that can impact the system as a whole requires root privileges to run because system files are only executable or writable by the “root” user.

So for a virus to mess up a Linux system, the following steps have to occur: a Linux user would have to read the email, save the attachment, give the attachment executable permissions, and then run the executable. Even as less sophisticated users begin to migrate to Linux, they may not understand exactly why they can't just execute attachments, but they will still have to go through the steps. Further, due to the strong separation between normal users and the privileged root user, our Linux user would have to be running as root to really do any damage to the system. He could damage his /home directory, but that's about it. So the above steps now become the following: read, save, become root, give executable permissions, run. The more steps, the less likely a virus infection becomes, and certainly the less likely a catastrophically spreading virus becomes.
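
The save, chmod and run steps above can be walked through with a harmless script. This is an added example, not part of the original essay; the file name screensaver.sh and the helper function names are made up for the demo, and it assumes the temporary directory is not mounted noexec.

```shell
#!/bin/sh
# Added example: the save / chmod / run steps, using a harmless constructed script.

# Step "save": write the attachment as plain data (mode 644, as with umask 022).
save_attachment() {
    dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho "attachment ran"\n' > "$dir/screensaver.sh"
    chmod 644 "$dir/screensaver.sh"
    printf '%s\n' "$dir/screensaver.sh"
}

# Step "run": execute the file directly and print the exit status.
# 126 means "found but not executable"; 0 means it ran.
try_run() {
    status=0
    "$1" >/dev/null 2>&1 || status=$?
    printf '%s\n' "$status"
}

# Defender's check: list regular files under a directory that carry any execute bit.
list_executables() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) -print
}

# Privilege separation: can the current user modify this file?
can_write() {
    if [ -w "$1" ]; then echo yes; else echo no; fi
}

# Demo run over the constructed attachment.
f=$(save_attachment)
d=$(dirname "$f")
echo "after save:  exit $(try_run "$f"), executables: $(list_executables "$d" | wc -l)"
chmod u+x "$f"    # the explicit step the essay describes
echo "after chmod: exit $(try_run "$f"), executables: $(list_executables "$d" | wc -l)"
echo "uid $(id -u) can write /etc/passwd: $(can_write /etc/passwd)"
rm -rf "$d"
```

Run as a normal user, the first attempt exits with 126 and the last line reports "no"; run as root, the last line reports "yes", which is the "become root" step in the list above.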


Security is, as we all know, a process, not a product. So when you use Linux, you're not using a perfectly safe OS. There is no such thing. But Linux establishes a more secure footing, one that makes it far harder for viruses to take hold in the first place; if one does take hold, harder for it to damage the system; and if one succeeds in damaging the system, harder for it to spread to other machines and repeat the process. When it comes to email-borne viruses and worms, Linux may not be completely immune - after all, nothing is immune to human gullibility and stupidity - but it is much more resistant. To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it.
