Will malware/virus spread to another user account on the same PC?

super365

If one of the user accounts is infected with a virus, will the other user account on the same PC get infected or affected too?

Example: there are 2 administrator accounts on the same Windows PC, Peter and Bob. If Peter's account is infected by a virus, will Bob's account be safe from the virus?

Thanks
 

blong

Linux guys will say always use work account and only use administrator account for administrative purposes.
 

davidktw

> Linux guys will say always use work account and only use administrator account for administrative purposes.

Linux guys will not say what you have quoted. The reason is "work account" doesn't necessarily mean unprivileged.

Linux guys will say the following:

You should be using an unprivileged user account when working on your daily operations, only promote into an administrative/root account to work across the system security model when necessary.

Is there anything inappropriate with that? :)
 

zitseng

A virus that finds its way into a Linux system might also be able to do a local exploit and elevate itself with root privileges. :)
 

davidktw

> A virus that finds its way into a Linux system might also be able to do a local exploit and elevate itself with root privileges. :)

Definitely. Rootkits are real issues in Unix systems. The fact that systems may be compromised due to design faults is very real too. For such cases, SELinux, AppArmor, Grsecurity and probably some other such MAC policy options will help to circumvent these issues.

Unfortunately these options are normally only really effective with System Administrators, or Developers that are well aware of the environment they are operating in. Even skillful administrators do find such tools a hassle when introducing new variables into the system.

For consumers, the options are rather limited to firewalls, sandbox concepts and so forth.

One thing we must agree on is that security and ease of use are normally contradicting. You want your system to be secure, you harden it but it makes working with it more troublesome. You want ease, you lack on security and you make a chance for vulnerability.

I have always advocated that "Security is not a tool. Security is a practice". The weakest link in all security is normally the human factor. Give the human a set of SOPs to follow all the time and leakages are still possible, mainly because sometimes we just tend to overlook, either deliberately or unintentionally.

In fact, there are also products such as IBM QRadar and Guardium and more that help to find out exactly which applications are misbehaving, accessing systems or data that they are not meant to. Audit logs of all actions can be logged and later analysed for unusual patterns and then alert administrators for action.

All operating systems have options for hardening, so it depends on how aggressive one wants the system to be. While it seems contradictory, in my opinion, security is much easier to implement in Enterprises than in the Consumer space. The reason is Enterprises normally don't anyhow install software; they are also normally tested for security and functionality before actual deployment into the production system. These systems normally are placed in a more secure environment, behind firewalls, scrutinised network environment, limited access to this system physically, and may contain Intrusion Detection Systems (IDS) that are monitoring unusual traffic in and out of systems.

During projects, these systems also have to submit firewall rules that clearly state the source and destination, narrowing down to a stringent list, have to indicate their usages. Some services, instead of using public servers such as mail servers, NTP servers, DNS servers and so forth, are using hardened services internal to the environment and hence inherently more secure.

Therefore, the notion of security is a holistic perspective, not just a matter of which operating system to use. The privilege level of the user account can only prevent so much; it's up to an assorted list of practices that go with the environment that ultimately provide the security that is expected.
 