Can a virus be installed just by downloading a file?

Let´s assume that I programmatically download a malicious file, e.g. using wget, and try to import in e.g. R or Python as a text file. If it fails, I delete it using rm. There is any chance that my Linux system gets infected?


Solution 1:

Transferring a file to your system, opening it with a text editor (or equivalent, as with text input functions in common programming languages), and deleting it if that fails seems very unlikely to run any code on your system, which would be required for malware to install itself.

That said, all large, complex software systems contain bugs, and in the case of an operating system, some of those bugs are security holes. One of the ones I recall reading about some time ago was a buffer overrun bug that allowed an unpatched system (Windows XP, as I recall -- told you it was a while ago) to be made to run "arbitrary code" simply by previewing (not even fully opening) an email message that contained data that would produce the buffer overrun.

Modern security bugs are much more subtle, in many cases, and it's not uncommon at all for security experts to find "zero day vulnerabilities" that are as yet unpatched by the software developers and maintainers, but previously unreported and that may therefore be available to attackers. This makes it impossible to be really certain that any seemingly innocuous thing you do is completely safe.

Keeping updated anti-malware software running on your computer is said to be the best way to protect yourself from this, but for your case, I'd also suggest testing your software on a clean-install machine, freshly updated, that contains no data you don't care to either lose or have published to the world (or stolen for use by a malware user); this machine should not be networked to any other machine that contains such data, either, as some malware ("worms") can spread through a LAN without user intervention (how to keep an internet connection on this machine and avoid connection to any of your other computers is left as an exercise, as they say).

Solution 2:

It is apparent that you are asking this question expecting a clear cut "Yes" or "No", but the question cannot be answered that simply. I feel that the answer by Zeiss is more than sufficient to answer your inquiry succinctly with enough detail and examples to explain the answer.

If you need a "tl;dr" of that answer, I would describe it as "probably not, but maybe".

However, your comment on that answer indicates that you are still unsatisfied with this response.

Since you are asking for specific instances of known vulnerabilities, the best thing that you can do is to periodically review the list of known CVEs that pertain to Ubuntu. "CVE" stands for "Common Vulnerabilities and Exposures".

The CVE list is constantly updated with the status and details of known security bugs and vulnerabilities. You can search by specific package and review the details of each vulnerability to see exactly what and how the CVE might affect the security of your system.

As mentioned in the other answer, these days, bugs are generally more subtle and less likely to result in huge gaping security risks. But there is always the possibility that a pretty bad vulnerability exists that has not yet been discovered. A good recent example of this would be the "Meltdown" and "Spectre" vulnerabilities that were discovered in 2018.