[PokeyJoe]

"This virus searches for executable ELF files in the current and /bin directories and infects them. When infecting files, it writes itself to the middle of the file, at the end of a section of code, which pushes the other sections lower down. It also contains a backdoor, which downloads scripts from another site, and executes them, using a standard shell."

Maybe on Linspire - a Linux for newbies that logs users on as root (like WinderzXP). Not on my Debian box.

[general_re]

Assuming you're not running as a privileged user, sure. Of course, it'll still try to touch every file it can - run one as root later on, and you're hosed ;)

[proxy_user]

Surely it's not that simple.

You would normally su to root to install the software. While unzipping and untarring the executables wouldn't do anything, they probably contain executables will be owned by root and can therefore run as root if the suid bit is turned on.

So even if you're browsing the web as Joe Blow, you might not be safe.

Of course, most savvy Unix SAs install things like web servers under an account like 'nobody' that is deliberately designed to have no privileges at all. But many would unthinkingly su to root to install client software on workstation machines.