1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
|
<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<META NAME="generator" CONTENT="lgazmail v1.3E.t">
<TITLE>The Answer Gang 65: fat versus inodes</TITLE>
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
LINK="#3366FF" VLINK="#A000A0">
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<P> <hr>
<CENTER>
<!-- *** BEGIN navbar *** -->
<!-- *** END navbar *** -->
</CENTER>
</p>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<center>
<H1><A NAME="answer">
<img src="../../gx/dennis/qbubble.gif" alt="(?)"
border="0" align="middle">
<font color="#B03060">The Answer Gang</font>
<img src="../../gx/dennis/bbubble.gif" alt="(!)"
border="0" align="middle">
</A></H1>
<BR>
<H4>By Jim Dennis, Ben Okopnik, Dan Wilder, Breen, Chris, and the Gang,
the Editors of Linux Gazette...
and You!
<br>Send questions (or interesting answers) to
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a>
</H4>
<p><em><font color="#990000">There is no guarantee that your questions
here will <b>ever</b> be answered. You can be published anonymously
- just let us know!
</font></em></p>
</center>
<p><hr><p>
<!-- endcut ======================================================= -->
<!-- begin 14 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>fat versus inodes</H3>
<p><strong>From narender
</strong></p>
<p align="right"><strong>Answered By Heather Stern
<br></strong></p>
<P><STRONG>
dear sir ,
</STRONG></P>
<P><STRONG>
i want to know why the viruses are so common in dos and
windows while unix is ammune to these ?
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
In order to spread effectively, viruses have to gain system-level privileges
and abuse them. In DOS and Windows, system level priveleges have no "natural"
defenses - all requests for system services are on behalf of the same user,
you.
</BLOCKQUOTE>
<BLOCKQUOTE>
NT has slightly better natural defenses, but also gets some interesting ones.
</BLOCKQUOTE>
<BLOCKQUOTE>
The ability of viruses to spread seems to be enhanced by some other features
which you would otherwise find handy, like the ability of several apps to
share a single macro language.
</BLOCKQUOTE>
<BLOCKQUOTE>
This is why there are so many antivirus companies - even after they've gone
and bought each other up a bunch. They're in the business of selling immune
systems and the ability to spot that the machine is "ill" before the symptoms
get obvious.
</BLOCKQUOTE>
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
is it all due to inodes
concept in the unix ?
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
No. UNIX family OS' all expect different applications to run in seperated
memory spaces, called a process. If a process (even owned by the same user)
tries to wander out of its allowed space it is killed (that's called a
sementation violation, or segfault). In addition normal users don't have
full system privileges. Beyond that, we have a great many macro languages
available and few systems have the same configuration enough that a virus
can be sure of one or another feature being present. Having to make decisions
makes such "invaders" large - larger invaders are more easily spotted, or
may set off other defenses. So while in theory it's not impossible for a
Linux virus to exist, it's much harder.
</BLOCKQUOTE>
<BLOCKQUOTE>
The main case I know of was basically a research virus - it could only
spread if the system's user also did a few things to improve his ability
to access the system as root when working remotely. Very few people do
that, or even want to.
</BLOCKQUOTE>
<BLOCKQUOTE>
We have much more to fear from crackers trying to generate these failures
deliberately, than from viruses trying to invade our systems automatically.
</BLOCKQUOTE>
<BLOCKQUOTE>
However, it's worth noting that LILO is a master boot record - it looks
different, but it's still an mbr, so any virus you catch in a dual boot
system that attacks the mbr, will attack your LILO. That it's code "coming
from Linux" won't save it. It does have a few defenses, but it's not very
big. Many other bootloaders exist too, and if you're living in a virus
rich environment you might want to use one that specifically has some
antivirus features.
</BLOCKQUOTE>
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
if so will you please tell me in more detail
the responcible differences between fat and inodes tables ?
</STRONG></P>
<P><STRONG>
needing yr help
<br>regards
<br>narender
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
> [Heather]
Well, it's not the responsible thing, but it's a fair question.
</BLOCKQUOTE>
<BLOCKQUOTE>
FAT is a table at the beginning of the disk, which divides the disk up into
"clusters" and marks how each cluster is used. (There's actually two tables,
so that there is a safe copy in case of problems, but normally, they contain
the exact same data.)
</BLOCKQUOTE>
<BLOCKQUOTE>
inodes contain a small amount of information (called metadata) about the
things they point to, and the things they point to can be put anywhere on
the disk, because part of the metadata says where that is. We have a
different way of keeping track of what disk space is still free to allocate.
For more about this, study about the "superblock" since we do have things
that affect how many inodes we can use, and so on, as options when we format
a disk under linux.
</BLOCKQUOTE>
<BLOCKQUOTE>
So it is simplest to say that the difference is that FAT directly represents
the disk, but Linux' system indirectly represents the disk.
</BLOCKQUOTE>
<!-- end 14 -->
<!--startcut ======================================================= -->
<P> <hr> </p>
<!-- *** BEGIN copyright *** -->
<H5 align="center">This page edited and maintained by the Editors
of <I>Linux Gazette</I>
<a href="http://www.linuxgazette.com/copying.html"
>Copyright ©</a> 2001
<BR>Published in issue 65 of <I>Linux Gazette</I> April 2001</H5>
<H6 ALIGN="center">HTML script maintained by
<A HREF="mailto:star@starshine.org">Heather Stern</a> of
Starshine Technical Services,
<A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
</H6>
<!-- *** END copyright *** -->
<P> <hr>
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
<p align="center">
<table width="100%" border="0"><tr>
<td align="right" valign="center"
><IMG ALT="" SRC="../../gx/navbar/left.jpg"
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="middle" border="0"
><A HREF="..//"
><IMG SRC="../../gx/navbar/toc.jpg" align="middle"
ALT="[ Table Of Contents ]" border="0"></A
><A HREF="../lg_answer65.html"
><IMG SRC="../../gx/dennis/answertoc.jpg" align="middle"
ALT="[ Answer Guy Current Index ]" border="0"></A></td>
<td align="center" valign="center"><A HREF="../lg_answer65.html#greeting"><img align="middle"
src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A>
<A HREF="1.html">1</A>
<A HREF="2.html">2</A>
<A HREF="3.html">3</A>
<A HREF="4.html">4</A>
<A HREF="5.html">5</A>
<A HREF="6.html">6</A>
<A HREF="7.html">7</A>
<A HREF="8.html">8</A>
<A HREF="9.html">9</A>
<A HREF="10.html">10</A>
<A HREF="11.html">11</A>
<A HREF="12.html">12</A>
<A HREF="13.html">13</A>
<A HREF="14.html">14</A>
<A HREF="15.html">15</A>
<A HREF="16.html">16</A>
<A HREF="17.html">17</A>
<A HREF="18.html">18</A>
<A HREF="19.html">19</A>
<A HREF="20.html">20</A>
<A HREF="21.html">21</A>
<A HREF="22.html">22</A>
<A HREF="23.html">23</A>
<A HREF="24.html">24</A>
<A HREF="25.html">25</A>
<A HREF="26.html">26</A>
<A HREF="27.html">27</A>
<A HREF="28.html">28</A>
<A HREF="29.html">29</A></td>
<td align="left" valign="center"><A HREF="../../tag/kb.html"
><IMG SRC="../../gx/dennis/answerpast.jpg" align="middle"
ALT="[ Index of Past Answers ]" border="0"></A
><IMG ALT="" SRC="../../gx/navbar/right.jpg" align="middle"
WIDTH="14" HEIGHT="45" BORDER="0"></td></tr></table>
</p>
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
<P> <hr>
<CENTER>
<!-- *** BEGIN navbar *** -->
<!-- *** END navbar *** -->
</CENTER>
</p>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
</BODY></HTML>
<!--endcut ========================================================= -->
|
