Freshmeat: Blame the UI: Why Linux is Not Immune to ILOVEYOU-style Worms | Linux Today
Infrastructure
SHARE
Facebook X Pinterest WhatsApp

Freshmeat: Blame the UI: Why Linux is Not Immune to ILOVEYOU-style Worms

Written By
Web Webster
Web Webster
Jun 10, 2000


“These days, it seems as if everyone likes a good “Microsoft is
Evil” story. I’m not going to agree or disagree with that statement
in general, but this recent (and continuing) wave of email worms
has given the media and the users plenty of room to criticize.
Largely, these complaints have revolved around a general lack of
security in Microsoft’s products — a historical truth. Adding to
this anti-Microsoft inferno does not improve Linux as a whole and I
believe that our time is better spent working towards ensuring that
these kinds of attacks can never happen on Linux.”

“The Linux kernel has an excellent reputation for
security-conscious computing. Security bugs, when found, are
squashed exceedingly quickly. Linux’s low-level security is based
on the classic UNIX model of users and groups. In brief, this
ensures that one user can never harm another user’s files or any
system files without explicit permission. Additionally, Linux
ensures that no user is capable of denying service to any other
user through crashing the machine, resource depletion, or a number
of other more subtle approaches. There is currently work being
performed to add a “capabilities” system to the kernel to make it
even more fine-tunable. This model is good and very powerful,
but it does not and cannot protect the user’s own files from
himself or application stupidity.”

“The security bugs currently being seen in Microsoft Outlook
are of the latter variety: application stupidity. One does not
necessarily need to be running under a Windows environment to write
or use stupid applications. … Of particular concern are
either programs that are regularly granted administrative rights
(such as an X Server) or programs that deal with untrusted data
(such as your Web browser or email client). As Linux does not have
any internal conception of “trusted” vs. “untrusted” data,
application programmers must be fairly smart about it. Microsoft’s
Web browser manages to deal with this dilemma at a high level, but
obviously wasn’t ingrained enough to uniformly combat the problem.
On the Linux side, it will be up to the GNOME and KDE development
teams to make sure they deal with this issue, as they will be
Linux’s flag-bearers into the future.”

Complete
Story
Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

facebook
linkedin
x

Company

Contact us

Categories

News IT Management Infrastructure Developer Security High Performance Storage Blog

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information