On Thu, 29 Jan 2004, Rishi Gangoly wrote:
The only way a program (virus) could infect the system would be is if a user actually saved an attachment to disk, then did a 'chmod 755 attachment' and then executed it by either double clicking it or ./attachment... Thus the user would have to be really dumb to infect his computer. ;-)
A virus also needs to infect other binaries with itself. If run as a regular user, the virus only has access to executables that are writable by the current user. To infect the entire system, the virus would have to be executed as root.
If root executes the virus, I'd say you've given root to the wrong person.
We need to contrast this with worms. Worms are capable of spreading without human intervention, and yes, there have been linux worms in the past. Typically, they would take advantage of well known holes in a system's network security (remember l10n attacking rpcd, bind and wuftpd) to gain access to that system. Once there, they'll install themselves to be always executed, and then search for other hosts to infect.
The only human intervention required is that the system be left open for remote exploits like this.
We should remember that the first great Internet Worm was actually cross platform. it worked on unix as well as vax systems.