In Windows you can download one infected exe and your PC becomes exposed and all your stuff stolen. Can this happen in a Linux system easily?
can’t you install a Linux program and accidentally grant it permissions to the file system and to run in the background, and/or transmit files elsewhere?
Linux is actually pretty easy to penetrate. Security isn’t about how good the system is, it’s about how educated the user is. You can download one file for Linux and you’re infected as well. Linux’s secuity lies in the fact that files cannot start themselves. The user MUST start a program. A virus (which windows gets) is a program that starts itself without the user knowing. Computers however are tools. They do what they’re told. So if you download a program and run it, If that program is malware or spyware, you’re infected. YOU told the computer to do it. Can you imagine a computer system that didn’t do what it was told? You’re working on a file and then all of the sudden, "I don’t like this file. I’ve deleted it." However, you don’t have to worry about a program getting on your computer WITHOUT you downloading it like with Windows. NO COMPUTER IN THE WORLD is safe from malware. Some are just safe from viruses. Linux, Mac other *UNIX distros. Malware is the result of user stupidity though. Linux also has protocols for dealing with computer hackers as well.
If by accident, you mean:
Type in your password, then yes.
Linux works on the concept of users. There are users for EVERYTHING. A user controls the sound. Another user controls your screen display, another user may control your internet connection. Your personal files are your user. Your computer files (main system) belong to a user called root. To change system files you have to change to the root user since your user doesn’t have privelidges to mess with the system. In a true linux system you have to specifically give another user permission to do something on behalf of root. The more user-friendly you make a computer, the more you have to lower the security (because most users are idiots) so systems like Ubuntu (which is now commercially driven) are less secure than systems like Debian (which is a true Linux System). Basically every file, folder, program, and process on the computer has to have a user to own, own, own, and run it. If the program needs to make changes to a file or folder, the user who started the program has to have the right to make changes to that file or folder. If they don’t, linux will tell the program "no." To circumvent this, Ubuntu (commercial version of Linux) allows the user to enter THEIR password (if they’re an administrator) to do things in the name of root. This practice is still more secure than Windows but less secure than requiring the user to actually enter root’s password to do something to the computer’s main system.
So if someone else runs malware that doesn’t have administrator privelidges (and hasn’t run the program as root) then you can just delete their user and your system isn’t compromised (99% of the time).
Basically, the GUI (Desktop) of Linux makes commands to the commandline on the user’s behalf. So any program that’s run still has to be started BY THE USER. IE, if I click program xyl, the GUI says to the commandline, xyl. Since I started the GUI desktop, xyl will be started in my name. In Windows a virus can start itself and Windows doesn’t require a user to do anything. The user’s name isn’t required. The process can just start itself. That’s why Window’s security flaw is. It’s also not very well protected against hackers. Remember what I said about the easier a computer is to use, the more insecure it becomes? To help it’s users become more connected to the internet, Microsoft allows more open connections from the outside world. Linux blocks ALL connections from the outside world by default and only allows connections which you have initiated. Meaning if you didn’t request the connection, then it’s not comming into your computer.