this post was submitted on 05 Dec 2023
50 points (81.2% liked)

Linux

48212 readers
783 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 11 months ago (1 children)

I.e. how malware could easily catch your Sudo password without root access.

Peeps, bad news, Linux is damn insecure.

By simply placing an alias in your bashrc they could already grab your sudo password.

Another bad news, this Windows "okay" Button without any password is actually more secure.

In other words: a compromised system at the User level can easily compromised at the admin level if there are no additional checks/measures in place. Same for Windows. Just change the link to a Programm you commonly need the press OK to to you maleware. Profit.

[–] [email protected] 3 points 11 months ago

The proper way to handle issues like these is process level permissions (i.e. capability systems), instead of user level. Linux CGroups, namespaces, etc. are already moving that way, and in effect that's the way windows is trying to head too. (Windows has its own form of containerization called AppContainers, which UWP apps use. Windows also has its own capability system).