Linux

47772 readers

1226 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

Dumb Security Ideas to avoid; what software is well designed? (www.ranum.com)

submitted 8 months ago by [email protected] to c/[email protected]

13 comments fedilink hide all child comments

I found this really old blog post and it still applies today.

We don't really have antiviruses, and thats nice. But we have a huge monolithic kernel, we have random executable files all over the filesystem, we have systems that to this day often dont even update without elevated privileges.

Android took Linux and fixed it, long ago. You dont even have root! Their app ecosystem is often very restricted by design though, as its a phone OS.

Desktop Linux needs to get more secure, compartimentalized, perfectly usable

without sudo privileges
without apps having read/write access everywhere
without X.Org
with portals, control, Wayland, Pipewire, Flatpak
with a split up kernel, drivers in userspace, adapted to the actual hardware you are running
with as much hardening applied as possible to simply shut off everything you dont need.

I guess there are many great projects out there that try to create exactly such a system

musl, busybox
RedoxOS
hardened_malloc, *BSD software

Can you recommend more software that is secure by design? The blog author mentioned Postfix.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 7 points 8 months ago

I’m not sure what you mean about without sudo - if there’s a root account logging over isn’t more secure than SU or SUDO. At some point you trust someone with root access either by ssh key, password or sudo abilities.

Openbsd har a rather stellar security history, but there’s still root.

Also there’s still root on Android, so I don’t agree with your point of “Android fixed Linux”. You don’t need to elevate to install software, but the software you install can elevate (https://www.tomsguide.com/round-up/best-root-apps)

In what way is the need for privileges for system stuff like boot config solved without root?