Giving most programs root access is a no-no, and this is also the main reason why I strongly advise against using antivirus software on Linux. In addition, antivirus software is ineffective on Linux and similar operating systems, and all the software needed to carry out malicious activity is pre-installed and widely used.
The most common malware consists of simple Bash scripts that copy themselves elsewhere and add themselves to the shell rc file. These scripts use the same programs that system administrators use every day, so automatically removing every script that calls these programs is not an option. Attacks of this type can therefore only infect the user and not the system, unless the user runs the scripts as root.
The big exception is antivirus software on a Linux file server: not to prevent the system itself from being infected, but to prevent users from spreading malware among themselves.
There is more value in configuring the system properly: do not grant root access unless truly necessary, do not install software from untrusted sources, do not run untrusted scripts, and restrict the system access of high-risk software using systemd, AppArmor and/or SELinux, containers, VMs, and image-based systems. If possible, add accurate logging and system telemetry with alerts.
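As an added example (not part of the original text), the following sketch shows one form the "telemetry with alerts" can take for the shell rc persistence described above: record a hash baseline of a user's shell startup files and report any drift. The file list, function names and paths are assumptions chosen for illustration.

```shell
#!/bin/sh
# Startup files a per-user script infection would typically touch (assumed list).
RC_FILES=".bashrc .bash_profile .bash_login .profile .zshrc .zprofile"

# rc_manifest HOME_DIR: print "<sha256>  <name>" for each startup file present.
rc_manifest() {
    for f in $RC_FILES; do
        [ -f "$1/$f" ] && (cd "$1" && sha256sum "$f")
    done
    return 0
}

# rc_baseline HOME_DIR BASELINE: record the current known-good state.
# Keep BASELINE where the monitored account cannot write (root-owned or off-host),
# otherwise a script running as that user can simply refresh it.
rc_baseline() {
    rc_manifest "$1" > "$2"
}

# rc_check HOME_DIR BASELINE: print one line per changed file; return 1 on any drift.
rc_check() {
    current=$(rc_manifest "$1")
    drift=0
    for f in $RC_FILES; do
        old=$(awk -v n="$f" '$2 == n {print $1}' "$2")
        new=$(printf '%s\n' "$current" | awk -v n="$f" '$2 == n {print $1}')
        if [ "$old" != "$new" ]; then
            if [ -z "$old" ]; then echo "ADDED $f"
            elif [ -z "$new" ]; then echo "REMOVED $f"
            else echo "MODIFIED $f"
            fi
            drift=1
        fi
    done
    return $drift
}

# Usage from a root cron job or systemd timer (hypothetical paths):
#   rc_baseline /home/alice /var/lib/rcwatch/alice.sha256
#   rc_check /home/alice /var/lib/rcwatch/alice.sha256 \
#       || logger -p auth.warning "shell rc drift for alice"
```

A reported change is a prompt to review the file, not proof of infection, since users edit their own rc files; re-run `rc_baseline` after a reviewed change.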