Linux security
Daniel Carrera
daniel.carrera at zmsl.com
Fri Apr 28 22:03:47 UTC 2006
Stephen R Laniel wrote:
> Sudo alone is huge. Windows makes security a user-by-user
> decision -- she's an admin user, he's not. Under Linux, you
> can choose to execute certain commands as an admin user.
> This granularity is damned handy.
I'm certainly a big fan of sudo. But what it does is protect the OS
itself, the system files. I don't want to diminish sudo, but it doesn't
protect your data files.
> Chroot is a security bonus, and there is nothing like it
> under Windows.
chroot is fantastic, but it protects the core OS, and other users. It
won't protect your data files.
> Noncommercial OSes have their security strengths and
> weaknesses. Microsoft will do exactly as much as it needs to
> do to maintain its market share; as Bruce Schneier has
> repeatedly pointed out, Microsoft treats security flaws as
> PR problems. Linux doesn't have PR to worry about; we're
> scratching our own itches.
I think you're onto something. Back to the question, "is Linux
inherently more secure?" (for protecting your DATA) one answer is "yes,
because we take security more seriously". In other words, Firefox is
more secure than IE, Thunderbird is more secure than Outlook, and
OpenOffice is more secure than MS Office.
I hope you can see what I'm trying to do here. I want to be able to
backup the argument that Linux is more secure. Suppose that I'm talking
to a Microsoft advocate. The conversation might go somewhat like this:
Daniel: Linux is more secure than Windows.
MS guy: Why?
Daniel: It has better separation of priviledge (sudo, chroot)
MS guy: But that won't protect the user's data which is what
really matters.
What do I reply to this? From what you say, one possible reply is:
Daniel: Linux applications have fewer bugs and are fixed faster.
That protects the user's data.
Another response that I mentioned earlier:
Daniel: The user is much less likely to run a virus because that
requires changing the execute bit. It is unlikely that the user
will do it by mistake, and it is unlikely that an application
will change the execute bit on its own.
Is there anything else that Daniel should respond to the MS guy?
> Peer-produced OSes have their own advantages, or could: by
> stitching together small pieces, I have to be careful about
> the data that I get from you. So I may end up being more
> careful about sanitizing my data than someone whose system
> -- like Windows -- is monolithic.
Linux is more modular. Are you trying to say that this means fewer bugs?
Let's translate this into another answer to the MS guy:
Daniel: Linux is more modular. That means fewer bugs. That protects
the user's data.
> Likewise, Windows crams a lot of stuff into one monolithic
> code base. If I want to run a secure server, I take
> everything off of it that I don't need -- X, GNOME, etc.
Yes. But servers is not the use scenario here. It's users and viruses.
> Obviously a culture of openness is better at finding,
> diagnosing, and fixing bugs. In its own way, this is the
> basic premise of democracy. As Schneier has again stressed
> repeatedly, democracies are more secure than tyrranies.
I would *love* to have a reference to that. I'm a fan of Scheier.
> So for one thing, I think you have the wrong idea about why
> we want security. It's not just about protecting your data.
> We live in a networked world: if you run an insecure
> machine, it affects me. A secure machine is one that
> protects you and your neighhor.
I'd love to hear more about this. This could be another retort to the
hypothetical MS guy:
MS guy: What really matters is user data, and separation of priviledge
won't protect that.
Daniel: Actually, user data is not what matters most becasue ...
So, besides user data, what else are we trying to protect? Are you
thinking of bot-nets? How would you argue that bot-nets are more
difficult to create with Linux? After all, a virus could edit your Gnome
startup file (notice, no need to escalate priviledge) to start the
program every time your computer turns on.
Cheers,
Daniel.
--
/\/`) http://opendocumentfellowship.org
/\/_/
/\/_/ ...and starting today, all passwords must contain
\/_/ letters, numbers, doodles, sign language and
/ squirrel noises.
More information about the ubuntu-users
mailing list