Linux

63511 readers

484 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

What sense is licensing operating system on BSD license? (lemmy.world)

submitted 2 days ago by mlxdy@lemmy.world to c/linux@lemmy.ml

26 comments fedilink hide all child comments

Change my mind.

Companies are just taking BSD code and don't contribute to it. At the end they're selecting Linux even if there's licensing risk and they have contribute to code. Why? Because Linux have a lot of contributors, that makes it much more advanced system with more features. Also companies which want to support Linux don't have to worry that someone would close their code or code they funded with money. It's not about competition but collaboration. GPL license allowed us also to sell own open-source solutions.

FreeBSD, OpenBSD and NetBSD are behind Linux. I love that systems (especially OpenBSD), but I don't see a point in contributing or donating to them. Instead of being ready to use solutions they're trying to be base for commercial closed-source products and it would be great as contributors could get something from that, but they get nothing.

I understand that BSD see closed source as something cool and way to commercialize software, but in today times where a lot of devices have 24/7 access to internet, microphones, cameras and at the same time to sensitive data it's extremely dangerous. Closed source is used to hide backdoors, acts of surveillance and keeping monopoly on market which obviously stop evolution of software.

Please tell me how BSD license can be good solution for operating system. It's not about offending BSD, but as someone who love open source software I hate closed source software I would like to know how I can defend this license.

you are viewing a single comment's thread
view the rest of the comments

[–] SwooshBakery624@programming.dev 1 points 9 hours ago (1 children)

OpenBSD (and it's subprojects) are highly secure, moreso than Linux.

I highly doubt that OpenBSD is more secure than Qubes OS or secureblue.

[–] moonpiedumplings@programming.dev 1 points 8 hours ago* (last edited 8 hours ago)

Openbsd is definitely more secure than secureblue. There is only so much you can do to handle the massive monolithic architecture of the Linux kernel. Further down the stack, many parts of Linux, like sudo, dbus, or systemd are regularly hit by zero days. The SELinux domain architecture that Secureblue is interesting, but SELinux is extremely complex and difficult to get right, compared to the much more simpler pledge and unveil sandboxing that openbsd offers.

In addition to that, there are further issues like the problematic way that user namespaces interact with browsers. (And user namespaces are frustrating in general, secureblue actually has a short article on their problems). For maximum security, you want to sandbox tabs from eachother using user namespaces (only works on chromium btw, firefox can't do this so it doesn't matter) — BUT, if you run your browser in a sanbox created by user namespaces, then you can't nest them, disallowing you from using that powerful tool to isolate tabs. So you are forced to make a choice: You can either sandbox the browser itself, in exchange for weakening the isolation between tabs, or you can strengthen the isolation between tabs, in exchange for weaking the sandbox around the browser itself. Giving the browser access to user namespaces is questionable though, because see above, user namespaces have led to a lot of vulnerabilities.

OpenBSD's pledge + unveil (but only on chromium again), does not really make such tradeoffs. It can sandbox tabs from eachother, while also sandboxing the browser itself. In addition to that, pledge + unveil do not present a massive kernel attack surface that people have had to restrict for having too many 0days. And this is just one of the many, many examples, where OpenBSD presents a better security posture than Linux.

Qubes is technically Xen, a different kernel than Linux. The Xen kernel virtualizes Linux distros, from which you can manage Xen, or do normal Linux app stuff. But nothing stops you from using a BSD virtualized by Xen for management or usage. Qubes talks about why they use Xen here — but the short version is that they did not consider the Linux kernel's kvm secure enough for their usecase.