Parts of it seem to be inherently more secure, but there are some pretty glaring holes. At least software distribution is much more secure than the Windows approach.
I’d say the biggest, most glaring hole is that, much like in Windows, most users don’t really understand the file system and user and group permissions.
Linux, as an OS, requires a lot more on the users part in understanding basic security right out of the gate.
A lot of folks out here dropping chmod777 all over the place just because they haven’t had any education on how any of it works.
Source: Years ago, being a newb without knowledge or education, dropping chmod777 all over the place
Hopefully you only chmod’d your own systems. Early in my career, I worked on a project wherein we gave a contracting company root access to a computer they could use to test the software they were writing for us. One morning, they sent us a message saying they couldn’t log in. We looked at the computer and discovered it wouldn’t boot. Turned out someone on the remote team had chmod 777’d the entire filesystem. Of course we locked down their access after that.
Parts of it seem to be inherently more secure, but there are some pretty glaring holes. At least software distribution is much more secure than the Windows approach.
I’d say the biggest, most glaring hole is that, much like in Windows, most users don’t really understand the file system and user and group permissions.
Linux, as an OS, requires a lot more on the users part in understanding basic security right out of the gate.
A lot of folks out here dropping
chmod 777
all over the place just because they haven’t had any education on how any of it works.Source: Years ago, being a newb without knowledge or education, dropping
chmod 777
all over the placeThey used to login as root
Fedora silver blue ftw. Immutable systems are the future.
… yeah :-/
Hopefully you only chmod’d your own systems. Early in my career, I worked on a project wherein we gave a contracting company root access to a computer they could use to test the software they were writing for us. One morning, they sent us a message saying they couldn’t log in. We looked at the computer and discovered it wouldn’t boot. Turned out someone on the remote team had chmod 777’d the entire filesystem. Of course we locked down their access after that.
It has the ability to lock things down a lot more. Also, it doesn’t necessarily have a big attack surface