
©2025 Poal.co


Linux being secure is a common misconception in the security and privacy realm. Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings by demonstrating the lack of various, important security mechanisms found in other desktop operating systems and identifying critical security problems within Linux's security model, across both user space and the kernel. Overall, other operating systems have a much stronger focus on security and have made many innovations in defensive security technologies, whereas Linux has fallen far behind.

Section 1 explains the lack of a proper application security model and demonstrates why some software commonly touted as a solution to this problem is insufficient. Section 2 examines and compares a number of important exploit mitigations. Section 3 presents a plethora of architectural security issues within the Linux kernel itself. Section 4 shows the ease with which an adversary can acquire root privileges, and section 5 contains examples thereof. Section 6 details issues specific to "stable" release models, wherein software updates are frozen. Section 7 discusses the infeasibility of the average user correcting the aforementioned issues. Finally, section 8 provides links to what other security researchers have said about this topic.

Due to inevitable pedanticism, "Linux" in this article refers to a standard desktop Linux or GNU/Linux distribution.

Contents

1. Sandboxing
   1.1 Flatpak
   1.2 Firejail
2. Exploit Mitigations
   2.1 Arbitrary Code Guard and Code Integrity Guard
   2.2 Control Flow Integrity
   2.3 Automatic Variable Initialization
   2.4 Virtualization-based Security
3. Kernel
4. The Nonexistent Boundary of Root
5. Examples
6. Distribution-specific Issues
   6.1 Stable Release Models
7. Manual Hardening
8. Other Security Researcher Views on Linux


(post is archived)

[–] 0 pt

This is basically arguing with idiots. He barely knows enough to write an article.

"The example below sets up a fake sudo prompt to intercept the sudo password:"

"Executing the full path to the sudo executable will not help either as an attacker can fake that with a shell function: "

I can't even begin to describe how mind numbingly stupid this is. It's like arguing gender with a transgender advocate, it physically hurts because it's so fucking stupid.

[–] 0 pt

About

My name is "madaidan". I'm a security researcher who works on various open source projects, mainly Whonix. My website provides information on security and privacy-related topics; it aims to highlight security issues within popular technology, debunk misinformation and provide free security guidance for everyone. This website was created by me, with help from concat and a few other friends.

You can contact me on various platforms, including Reddit, Matrix and Telegram. I operate a bridged Matrix room and Telegram group that I'm often active in.

[–] 1 pt

He suffers from "there's not enough locks on this door" (security is layered, you don't need 10 locks on an inside door), and "I don't know how this lock works, so let's invent a new locking system" (ignoring systems that already exist in Linux that address his concerns).

[–] 0 pt

Heh! I got a chuckle out of that.

I bet he is Indian. Every Indian that I have ever worked with writes like he is paid to justify what he is writing, which is what his post is.