Posted by: Brein Matturro
Linux, Network and application security, Open-source
It was only a matter of time.
With the recent news that a worm has infected the popular Microsoft Office alternative known as OpenOffice (across Windows, Mac and Linux platforms), some security industry watchers have begun to wring their collective hands. Because OpenOffice is the most popular office suite for Linux, some are fearful that a malware plague is about to descend upon the open source OS. Give these pundits a second, and they’ll opine that Linux’s era of “security through obscurity” is coming to an end.
Commercial Linux desktop adoption is becoming more prevalent each year, in part because of the widespread belief that Linux is a more secure and powerful platform than that competing product out of Redmond. Therefore it’s important for resellers in the networking and security space to communicate the malware facts to clients using Linux.
As I write this blog post on Linux using KWord, the KDE desktop’s native word processor, I’m not worried about a plague of Linux malware. “Proof of concept” Linux worms have been around since 1996, but all known Linux worms and viruses haven’t done much damage because they need root access to continue their life-cycle. And in the commercial Linux environment, most users have their root access shut off entirely.
But back to OpenOffice. Last August, Malte Zimmerman from Sun (chief sponsor of OpenOffice) blogged about the security issues involving OpenOffice. He noted the three ways to stop OpenOffice malware in its tracks:
- Don’t work with admin/root rights, use them only when needed for performing certain tasks
- Don’t run binaries that you can’t trust for some reasons.
- Don’t execute macros in documents you receive, unless you can be sure it’s safe
Does this mean Linux and OpenOffice are impervious to malware threats? Not by a long shot — though patches are issued almost immediately by the Linux community when any exploited (or exploitable) flaw is found. And it is true that clever hackers could use the normal user account in Linux to send out spam, encrypt files with PGP or execute phishing attacks, but all this requires users to run binaries or macros from unknown sources.
The truth of the matter is that Linux is still a very secure platform. It’s the job of the resellers and systems integrators to show their clients how to keep it that way.