Find the answer to your Linux question:
Results 1 to 3 of 3
I know that a system with windows (without strong anti-virus) would be easily pulled down by the viruses in the LAN whereas in linux it's no so.. I heard that ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2005
    Location
    India
    Posts
    60

    executable files in linux...


    I know that a system with windows (without strong anti-virus) would be easily pulled down by the viruses in the LAN whereas in linux it's no so..
    I heard that in Windows the files are identified by their file extension like .exe,.com,etc(andhence the viruses with .exe extensions run easily on windows system).. whereas in Linux it is by the file type and hence .exe or whatever executable file is their it won't run without the permission of the superuser.Please explain.....

  2. #2
    Linux User
    Join Date
    Aug 2005
    Location
    Italy
    Posts
    401

    File types in linux

    In GNU/Linux systems the file type is determined by its data context (a file is recognized by its data: a script begin with "#!/bin/sh", an MP£ file with "ID3", and MPEG file with 0xBA hex code... and so on). So the file extension become unusefull (because if I rename test.mp3 to test.exe or test.txt its data doesn't change, and remains always an MP3 file and it is recognized as MP3 file). (see the file command!)

    Executables files are recognizable by their data, but they can be executable only if it's execution permission bit is set (do you know about permission bitmask???). If executable bit is set, and if the file is an executable recognized by the running kernel, the application starts.

    An executable run with the permission of the caller: so if you run an application as user, the application have the permission of the user. If the user is "root", the application can do anything root can do!

    Then, certain executable can be run only with root permissions, because it may edit some configuration file or anything else. So the application can do its job only if the application was started by the administrator (root).

    If any application need superuser privileges, but should be run by any user, executable file have an extra permission bit: the SUID bit (Set User ID). When this bit is set, the permissions at run time doesn't depends on the application caller, but the file owner (do you about file owner/group?). So if application has SUID bit set and it's owned by root, when any user run the SUID executable, run application with root privileges.

    That's because GNU/Linux system are harder to break. To modify system configuration (to introduce viruses, root kits, backdoors...) you should break services that runs with root provileges, otherwise none can modify the system. SUID application are very rare, and often they are secure. However, even if an application runs with root privileges, often it is closed into a limited sub-system (called root jail), wich is a minimal system "running" on top of the system. If application is break, it is limited into the minimal system, so it cannot iteract with the real system running.
    Last edited by sarumont; 01-12-2006 at 12:47 AM.
    When using Windows, have you ever told "Ehi... do your business?"
    Linux user #396597 (http://counter.li.org)

  3. #3
    Linux User twoHats's Avatar
    Join Date
    Jan 2005
    Location
    NH, USA
    Posts
    280

    Thumbs up Excellent Explanation

    burnit! This should be a sticky - awsum job of explaning!

    Thanks again
    - Clouds don't crash - Bertrand Meyer

    registered Linux user 393557

    finally - hw to brag about - but next year it will look pitifully quaint:
    Athlon64 X2 3800 - 1G PC3200 - 250G SATA - ati radeon x300
    circa 2006

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •