Three Things to Know About Linux Security

Here are three things you need to know if you are switching to Linux.

1. Linux can get viruses.

Yep that’s right. Linux is not immune to viruses. There are many more viruses for Windows than Linux, but that does not mean that Linux users are invincible to malware.

2. Linux does not use ACLs by default.

ACLs (Access Control Lists) are a type of file-system security (ACLs on Windows apply to more than just the file-system itself).

On Windows all files, folders, registry folders, etc. make use of ACLs to define user and group permissions.

ACLs allow someone to fine-grain their security on their computer, without much hassle (in other words, you can take a 100 users and assign them to specific files and/or folders with specific permissions). ACLs were designed to accomplish tasks like that.

ACLs can work on Linux too, but you will have to have software that is compatible with ACLs (most won’t be ACL compatible for Linux).

https://msdn.microsoft.com/en-us/library/windows/desktop/aa374872%28v=vs.85%29.aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379557%28v=vs.85%29.aspx

However, Linux uses UNIX permissions by default, while very easy to use, are not nearly as flexible as ACL permissions. With UNIX permissions you get:

Owner (that is you or another account)

Group (that is the group you or someone else is assigned to)

World (that is everyone else that has access to the server locally or remotely).

What happens when you need to have several users access specific files and folders, but the permissions are not all uniform (some can read and write, while others can only read, while some can only read and execute).

It would be very hard (if not impossible, depending upon the situation) to accomplish this using UNIX permissions.

3. Linux is not “more secure” than Windows out-of-the-box.

https://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/

How many “secure” Linux users even know about this? How many servers has this affected? CentOS users will be happy, since their kernel version (by default) is lower than 2.6.37, but how many Linux distributions (popular or not) has this affected? How many companies will be able to apply a fix (using one from their distribution provider or doing a fix themselves) without causing downtime?

——————————–

Linux is not more secure than Windows. That idea is a myth. All operating systems have their own place in the tech world.


Posted in Operating Systems