View previous topic :: View next topic |
Author |
Message |
why knot n00b
Joined: 04 Jan 2006 Posts: 15
|
Posted: Wed Oct 31, 2007 5:37 am Post subject: Virus protection |
|
|
I recently downloaded a program from a source I have never heard of and did not contain a sumcheck, but even if it did, I am unsure how I can assure myself that this program is legit. How do I know that running the make/make install will not completely destroy my system or do something else malicious.
1. Is there anyway for me to run a virus scanner on the program?
2. Is there anyway for me to install the program in a sandbox so it cannot modify any of my other files? or is this already apart of the make/make install software? should I even be concerned?
Thanks,
Why Knot |
|
Back to top |
|
|
neuron Advocate
Joined: 28 May 2002 Posts: 2371
|
Posted: Wed Oct 31, 2007 11:01 am Post subject: |
|
|
you could add a new user and run the program as that user. You could on top of that run it in chroot, although chroot should generally not be used for security.
In linux a user doesn't have access to destroy your system, which is one of the reasons there are very few viruses that targets linux/bsd/unix systems. |
|
Back to top |
|
|
phajdan.jr Retired Dev
Joined: 23 Mar 2006 Posts: 1777 Location: Poland
|
Posted: Wed Oct 31, 2007 12:29 pm Post subject: |
|
|
You can run it in the VM too. Or at least some kind of virtualization.
But scanning the source/binary/whatever is pointless, because what would you search for? Deleting files? It could do for legitimate purpose. In other case it can be easily obfuscated using #define or asm calls or similar. You can scan the source manually, but this is simply impossible for large programs.
If it's known and popular piece of software, you can probably trust it (after checking gpg sig if you're paranoid enough). Otherwise the risk is real, and consider VM, other account etc. |
|
Back to top |
|
|
|