/g/ - Linux security is kinda bad - Technology


08/21/20	New boards added: /vrpg/, /vmg/, /vst/ and /vm/
05/04/17	New trial board added: /bant/ - International/Random
10/04/16	New board for 4chan Pass users: /vip/ - Very Important Posts
[Hide] [Show All]

vintologi.com
Linux security is kinda bad 05/14/26(Thu)10:59:02 No.108821901

File: tux.png (1.65 MB, 1110x1347)

Linux security is kinda bad vintologi.com 05/14/26(Thu)10:59:02 No.108821901

Linux security relies a lot on having people use accounts with limited perms (at least unless you provide a password for root/sudo) but recently there has been a lot of privilege escalation bugs discovered.

SELinux: a nightmare to actually configure properly obviously resulting in it not being properly configured in a lot of cases.

Apparmor: can give some added security but like apparmor it's a nightmare to configure and very often it will not work the way you actually want it to work.

But you very much want added security if you use something like wine since that works with windows malware as well.

Canonical pushed people towards their snap store only to have said store end up full of malware. Hackers even registered abandoned developer domains allowing them to push out a lot of malware to people.

AUR: you are supposed to read the PGBBUILD file to verify that it isn't malware but how many people actually bother doing that?

Anonymous
05/14/26(Thu)11:08:19 No.108821983

Anonymous 05/14/26(Thu)11:08:19 No.108821983

>>108821901
Are you one of those Indian women that work for microsoft??

Anonymous
05/14/26(Thu)11:27:13 No.108822105

Anonymous 05/14/26(Thu)11:27:13 No.108822105

File: 6284838.jpg (320 KB, 720x929)

320 KB JPG

>>108821983
I'm a septic tank.

Anonymous
05/14/26(Thu)11:30:05 No.108822114

Anonymous 05/14/26(Thu)11:30:05 No.108822114

>>108821901
Those are glowfag backdoors and they get patched.
Thats a good thing.
Would you rather have a proprietary OS with unpatched backdoors?

Anonymous
05/14/26(Thu)11:30:24 No.108822117

Anonymous 05/14/26(Thu)11:30:24 No.108822117

>Apparmor: can give some added security
>but like apparmor it's a nightmare
kys dirty fag

Anonymous
05/14/26(Thu)12:08:26 No.108822363

Anonymous 05/14/26(Thu)12:08:26 No.108822363

>>108821983
Kike Peter theil shill thread

Anonymous
05/14/26(Thu)13:12:26 No.108822763

Anonymous 05/14/26(Thu)13:12:26 No.108822763

>>108821901
OpenBSD
and/or microkernels
that is the future

Anonymous
05/14/26(Thu)13:35:55 No.108822931

Anonymous 05/14/26(Thu)13:35:55 No.108822931

>>108821901
Well it's still much more secure than Windows
Linux
>flatpak apps with good isolation and permission control
>custom isolation with firejail or bwrap
>windows software resides in wine prefixes without any special privileges
>opensnitch for traffic control
Windows
>Win32 programs have access to everything including browser passwords
>UWP apps that were supposed to solve this failed spectacularly
>everything requires admin access to install
>no good package system except CLI-only winget
>requires external antivirus software to be at least somewhat secure

Linux's main problem is the monolithic kernel, but you can partially solve it by blocking automatic loading of modules which is why my computers weren't vulnerable to these exploits anyway. You lose plug&play functionality and have to load modules manually, but you reduce attack surface a lot.

Anonymous
05/14/26(Thu)13:52:57 No.108823047

Anonymous 05/14/26(Thu)13:52:57 No.108823047

>>108822931
>>everything requires admin access to install
no for at least the last 15 years

Anonymous
05/14/26(Thu)16:19:36 No.108824071

Anonymous 05/14/26(Thu)16:19:36 No.108824071

File: wincucks.png (746 KB, 732x746)

746 KB PNG

OHNONONONONO

Name
Options
Comment
Verification	4chan Pass users can bypass this verification. [Learn More] [Login]
File
Please read the Rules and FAQ before posting. You may highlight syntax and preserve whitespace by using [code] tags.