The Remote Shell Trojan, disclosed last week by vnunet.com, has sparked a storm of controversy among Linux devotees who are arguing fiercely over the degree of danger posed by the exploit.

Users logging into slashdot.org to discuss vnunet.com's coverage have highlighted the sensitivity of the issue for the Linux community.

"It sounds like this thing only 'spreads' (if you can even call it that) when someone is brain-dead enough to READ their EMAIL as a user who can WRITE to IMPORTANT BINARIES!" said one user.

"As viruses go, this is pretty pathetic, and prompts one to question the competence of anyone who thinks it is significant. The email-vector mechanism can't even take advantage of address books, since Unix mail clients are so far from standardised," the user added.

"The majority of Linux users are not morons around computers," claimed another posting. However, one user conceded that, as Linux becomes more widespread beyond the technical geek world, the risk will be much worse. "This could be a big issue when Linux is used in offices (where the 'dumb' people work). Not everyone is a *nix guru," said the posting.

Judging by the growing number of Linux and other operating system machines exploited every month, there are an increasing number of "poorly administered" Linux boxes out there. Figures from Attrition up until April show that around 300 Linux boxes are exploited every month. This is less than the figure for NT boxes, but it is still worrying.

Paul Rogers, network security analyst at MIS, pointed out that security in any environment comes down to security policy. "You do find poorly administered Linux boxes, just as you find poorly administered DNS servers, and just as you find poorly administered machines running any other operating system."

The risk the Remote Shell attack poses is reduced, said Rogers, "because Linux-based Trojans and viruses need more social engineering to get executed because of the way, for example, Linux mail clients are written".

Despite this he warned that the danger has not gone away. Linux, as with any other operating system, "is only as secure and efficient as the people using it", he said.