Is Linux a Target?
This recent article about a 3rd-party Trojan’d piece of software for Linux is a bit sensationalist.
If a user purposely installs software of uncertain provenance (STONESOUP anyone?), it doesn’t matter what operating system lurks underneath. Does anyone know of an OS that refuses to execute an application the user commands it to install and execute?
I don’t think the community has found an effective sandboxing technique that provides both precision and accuracy in constraining arbitrary software (i.e., no technique that I know of automatically ascertains what the valid limits of the software should be within the constraints of security policy and user needs).
And it definitely should not be news that Linux is (and has been for a while) a target.
