Congratulations has to be given to Adobe for succeeding in creating malware for Linux. Fortunately, reading what Linux shows to the user will reveal when it it being installed. A password will be asked for when this occurs. This will most likely happen when another program is being installed so it can be missed if someone is not paying attention. Once it has infiltrated the system, it still cannot harm anything unless the user types in their password when prompted by an attack. And it is easily removed. If your package manager (synaptic, apttitude, adept, urpmic, etc...) does not find it (where it can be removed with two clicks) look for the Adobe AIR directories in /opt/ and /var/opt/ and remove them. Command line removal is "dpkg -r adobeair-enu" if your distro uses dpkg. Also look for .air files in your home directory. Note there are some legitimate *.air.* files, don't remove those, just the *.air files.
About Adobe AIR (Adobe Integrated Runtime)
AIR is no more malware than Java or anything similar.
These days the hurdles something like this has to take are almost the same on Windows system. Of course with the difference that there you're far more likely to come across software that wishes to mess with your configuration.
I think the whole rights-based security is severly (and dangerously) overrated in single-end-user environments though. Sure you do not want software to mess up the system of a machine you use as a server, that's why it's good *X systems are so clean in that regard. But for a regular gaming/multimedia computer, compare the damage of a messed-up system (you have to reinstall/reconfigure) to the damage of a hard drive wiped of all your personal data (your shit is gone). I'm a heck of a lot more afraid of the latter, and malware doesn't need root access for that.
I think the whole rights-based security is severly (and dangerously) overrated in single-end-user environments though. Sure you do not want software to mess up the system of a machine you use as a server, that's why it's good *X systems are so clean in that regard. But for a regular gaming/multimedia computer, compare the damage of a messed-up system (you have to reinstall/reconfigure) to the damage of a hard drive wiped of all your personal data (your shit is gone). I'm a heck of a lot more afraid of the latter, and malware doesn't need root access for that.
Windows is kinda bad at sandboxing damage because so many games and applications require administrator rights (usually because of DRM or something else stupid they do [like trying to use /etc for per-user configuration on Linux]). On Linux the issue is far lesser, and you can trivially sandbox things. That is all unrelated to AIR though. No browser that I know of automatically runs AIR applications like they don't autorun executables either (though I can't say the same for Java applications), and AIR doesn't do anything attributed to malware by itself, thus it's no different from Java, Python, regular executables, and so forth.
Asking to bypass the package manager mid install of an app is reason enough. But sometimes it doesn't even ask, it just starts installing _outside_ the package manager durring. IE: I play by the rules, i enter by the front door, may I stay?, thanks, oh that bangging on the basement door? thats just some dude that promised me free stuff but I'm not allowed to tell you what it is, he can crawl in from the basement now can't he?
-posted from my Android because iPoo is what it is.
-posted from my Android because iPoo is what it is.
IIRC, Linux package managers don't follow any standards besides their own and what the packages they use have. Dunno if they have limitations that AIR would want to go past of. Also, the packages work the way they're designed to, they can't go "outside" of the package manager unless it's in their capabilities. No idea in what format AIR is distributed on Linux, though. Proprietary hardware drivers live outside of package managers too as I understand (at least nvidia's does).
Also, AIR doesn't use .air files as far as I can tell. There might be a .air folder on Linux in user home directories for per-user configuration related stuff, but the suffix seems to not exist in AIR games (I have few and they don't have any .air files).
Edit: Some results on Google seem to disagree with me on this.
Edit: Some results on Google seem to disagree with me on this.
"Proprietary hardware drivers live outside of package managers too as I understand"
Generally yes. Generally the companies that create PHDs (piled high and deep *stuff*) for Linux want to preserve their perceived intellectual property power yet conversely have decided to support Linux (IE: we made a statue of The Prophet for your mosque). Generally PHDs don't come integrated with a Linux distro and are instead tacked on by the distors developers or 3rd parties or the end-user following PHD developers possibly valid instructions. Despite all that, some distros wrap the PHDs in a nice package 'mask' so the end result effectively appears to be PHDs contained in a standard package for the manager and probably will uninstall as easily as they install. Note AIR can _appear_ to be contained in such as package mask yet still not use the package manager; a fact only discovered by many users when uninstalling the package does not uninstall AIR.
And there is definitly standards that mainstream package managers follow
1. Software comes from authenticated repositories.
2. Admin users have complete control over which repositories are authenticated; including the ability to bypass authentication.
3. Admin users have complete control over which software to install and uninstall. Even packages that install other packages will ask for the users permission and document what exactly is being installed and uninstalled.
All package managers for Linux distos that have not followed these standards have proved to be unsuccessful.
Generally yes. Generally the companies that create PHDs (piled high and deep *stuff*) for Linux want to preserve their perceived intellectual property power yet conversely have decided to support Linux (IE: we made a statue of The Prophet for your mosque). Generally PHDs don't come integrated with a Linux distro and are instead tacked on by the distors developers or 3rd parties or the end-user following PHD developers possibly valid instructions. Despite all that, some distros wrap the PHDs in a nice package 'mask' so the end result effectively appears to be PHDs contained in a standard package for the manager and probably will uninstall as easily as they install. Note AIR can _appear_ to be contained in such as package mask yet still not use the package manager; a fact only discovered by many users when uninstalling the package does not uninstall AIR.
And there is definitly standards that mainstream package managers follow
1. Software comes from authenticated repositories.
2. Admin users have complete control over which repositories are authenticated; including the ability to bypass authentication.
3. Admin users have complete control over which software to install and uninstall. Even packages that install other packages will ask for the users permission and document what exactly is being installed and uninstalled.
All package managers for Linux distos that have not followed these standards have proved to be unsuccessful.