this post was submitted on 07 May 2026
-29 points (19.1% liked)

cross-posted from: https://piefed.world/c/uncommon/p/1089778/linux-is-actually-very-vulnerable-to-exploits-and-it-s-showing-with-high-value-vulnerabi

I hate when people keep repeating the myth that Linux is more secure than X OS without any understanding of how much Linux gets exploited.

On the other hand, FreeBSD rarely suffers from wide security issues.

Overall, I don't think anyone should repeat the myth that Linux is secure.

And at least if they gonna recommend Linux, they better recommend a good distro with SELinux, hardened kernel and hardened OS.

[–] vk6flab@lemmy.radio 17 points 1 day ago (3 children)

Uhm .. no.

Linux had permissions from day one, neither Windows nor Apple did until much more recently.

I use Apple, since there's many versions of its OS and only¹ the one based on BSD has permissions.

The entire Linux ecosystem is permissions based, it's baked into the kernel and while bugs continue to be discovered and patched, they're visible to everyone, where that's not the case with either Windows or Apple.

Permissions aren't new. Unix has had them from the early days, as have operating systems like VMS, BSD and OS/400 to name a few.

As for exploits, the level of user social engineering exploits is exploding with the growth of Linux, since most new users come from operating systems with poor security.

In my opinion Mac OS is hurting itself by making inexplicable security choices, causing pain where none is required, resulting in people actively disabling security to their own detriment.

As for actual exploits, they're getting more and more ubiquitous since more and more operating systems are running the same code, think python, nginx, bash, etc.

Finally, I'd point out that your attempt at dispelling what you call a myth does not appear to be backed up by facts or sources.

I've been in this industry for over 40 years and while it's far from perfect, I am comfortable stating that Linux is more secure than many operating systems and I suspect that it will continue to be the case for the foreseeable future.

I also note that it has a significantly larger user base than any other OS. Don't believe me? Heard of Android, same Linux kernel.

¹ There was a brief A/UX hybrid OS that had permissions, based on Unix System V and BSD. It was discontinued in 1995.

[–] arcterus@piefed.blahaj.zone 3 points 22 hours ago

What exactly do you mean by "permissions" here? It sounds like you're just talking about basic Unix-style permissions. Also, what do you mean by "only the one based on BSD?"

Unless you're talking about Mac OS 9 and earlier (like more than 20 years old), all their OSes have permissions and are based on BSD at this point.

Standard Unix permissions also aren't gonna save you when you run an exploitable program as your home user and it can then access everything in your home directory (in other words, pretty much all of your important files for most users).

[–] Neptr@lemmy.blahaj.zone 3 points 1 day ago (1 children)

Just because AOSP uses many of the Linux kernel's security features doesn't magically make other distros more secure. Same with servers vs desktop, which have far different usage requirements and patterns, and vastly different threat models.

Linux desktop is a decade or more behind the curve on exploit mitigations and harm reduction. Social engineering is still a security failure, and it is almost as much the fault of OS developers that people are falling for these attacks.

Only recently has sandboxing become more popular for distributing applications, but it still isn't even close to as secure as AOSP or iOS/macOS sandboxes. Flatpak and Snap are inherently insecure and that isn't even their fault because they aren't really meant to be secure sandboxes; they exist for easy system agnostic app distribution.

Many users still use X11 (or xwayland) which is consistently the source of vulns and regardless is massively insecure. X11 is a nasty rat's nest of code and hacks which is massive, complex, and often runs privileged. Every X11 app has complete access to the X server, and can: record the screen, read all window events and positions, record all keystrokes, send keyboard and mouse events, and much more. Wayland is a good step in the right direction. But Wayland compositors can also suffer from easy attacks, like using LD_PRELOAD to record keystrokes.

Speaking of LD_PRELOAD, most users have .bashrc writeable in their home. Any app that has write access to their home directory can preload a malicious binary which can modify and exploit the running app.

With .bashrc writeable, a hacker can just change the user's $PATH and create a fake sudo binary which records the user's password, and escalates to root without them knowing. Even specifying the full path isn't safe, because a hacker can just set an alias which takes priority over the actual path of the binary (eg. /usr/bin/sudo could be an alias of /tmp/sudo).

Now I hear you saying, why didn't the user just NOT run the malicious script or app? With supply chain attacks being at all-time highs, you can't just rely on trusting your application developer. An app could get compromised and you wouldn't know. Even if you verify signatures, OpenPGP and GnuPG are inherently broken (see: gpg.fail, Latacora blog, Matthew Green blog).

Most distros use extremely weak memory allocators which allow for easy exploitation of memory corruption vulnerabilities. Hardened_malloc by GrapheneOS works on desktop Linux, with most apps just working fine out of the box. It helps to eliminate (or severely increase the complexity of) memory corruption vulnerabilities.

Many distros don't use mandatory access control policies like AppArmor or SELinux (eg. Arch Linux and its derivatives), and even if they do it isn't comparable to AOSP, like Fedora which uses SELinux but doesn't by default isolate all applications with strong policies.

Then there are LTS distros, which because of their release schedule and also the way that CVEs are assigned, often miss important patches which go unnoticed (or not triaged for their security impact). See the recent copy.fail vuln which because of its disclosure timeline wasn't given ahead of time to distros. The only ones affected were slower moving distros, whereas rolling release distros were fine (eg Arch Linux).

Of course let's not forget SETUID and SETGID which are the source of many many privilege escalation attacks, like in the case of that AppArmor vuln about a month ago. Daemon based privilege elevation tools (such as s6-sudo) avoid this problem, but they are not widespread. Systemd's run0 is a more popular example, but just like everything with systemd it is a massive attack surface and extremely complex under-the-hood.

Linux has many security modules (LSMs) such as MAC (eg. SELinux), Seccomp (for filtering syscalls), Landlock (for filesystem and network isolation), unprivileged user namespaces, etc. The only popular apps which make use of some of these features are browsers.

Of course drivers are another source of vulnerabilities because they are implemented in kernelspace instead of using a standardized ABI.

Linux is not a secure desktop OS. Neither is it very secure for a server OS (without extensive development of tools which properly use the kernel's security features).

I could apply most of what I have said to the *BSDs within the context of Desktop OSes.
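
The startup-file and `$PATH` conditions described in the comment above can be checked for from the defender's side. The script below is an added example, not part of the thread; its function names, the command list (`sudo`, `su`, `doas`, `pkexec`) and the regexes are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example, not from the thread: flag the startup-file and PATH conditions
# described above. The command list and regexes are illustrative assumptions.
NAME='([^[:space:]()]*/)?(sudo|su|doas|pkexec)'  # elevation command, optional path prefix
PRE='^([^#]*[^A-Za-z0-9_#])?'                    # line start or non-word char, not in a comment

# scan KIND REGEX FILE: print "KIND FILE:LINENO:TEXT" for every matching line.
scan() {
  grep -nE -- "$2" "$3" | while IFS= read -r hit; do
    printf '%s %s:%s\n' "$1" "$3" "$hit"
  done
}

# audit_rc FILE: report lines in a shell startup file that preload a library
# or define an alias/function named like an elevation command.
audit_rc() {
  [ -r "$1" ] || return 0
  scan ld_preload "${PRE}LD_PRELOAD=" "$1"
  scan alias "${PRE}alias[[:space:]]+${NAME}=" "$1"
  scan function "^[[:space:]]*(function[[:space:]]+${NAME}([[:space:](]|\$)|${NAME}[[:space:]]*\(\))" "$1"
  return 0
}

# audit_path PATHSTRING [CMD]: walk PATH in lookup order until the directory
# that supplies CMD; report every directory on the way that this user can write.
audit_path() {
  cmd=${2:-sudo}
  rest=$1:
  while [ -n "$rest" ]; do
    dir=${rest%%:*}
    rest=${rest#*:}
    [ -n "$dir" ] || dir=.            # an empty PATH entry means the current directory
    if [ -x "$dir/$cmd" ]; then
      [ -w "$dir" ] && echo "resolved_in_writable $dir"
      return 0
    fi
    [ -w "$dir" ] && echo "shadowable $dir"
  done
  return 0
}

# Usage: ./audit.sh ~/.bashrc ~/.profile   (also audits the current $PATH)
if [ "$#" -gt 0 ]; then
  for f in "$@"; do audit_rc "$f"; done
  audit_path "$PATH"
fi
```

A `shadowable` result means a file named `sudo` dropped into that directory would be found before the real one; the scan reads startup files as text, so definitions built with `eval` or pulled in through `source` are not followed.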

[–] KianaTabion@lemmy.today 1 points 4 hours ago

Excellent write-up! Thank you so much for this!

[–] eddiereasoner@mstdn.social 1 points 1 day ago (1 children)

@vk6flab @beep how did you get more than 500 characters? Is it dependent on the instance?

[–] vk6flab@lemmy.radio 4 points 1 day ago (1 children)

I'm typing this on Lemmy, not Mastodon.

[–] eddiereasoner@mstdn.social 1 points 1 day ago (2 children)

@vk6flab How can I link my accounts or get it to show up on both?

[–] Ategon@programming.dev 2 points 1 day ago* (last edited 1 day ago)

If you mention a Lemmy community in your post the post gets sent to show up in the Lemmy community. Comments are automatically federated if you comment on a Lemmy post.

Lemmy posts are all federated to Mastodon though if the servers know about each other.

[–] vk6flab@lemmy.radio 1 points 1 day ago

No idea. I have two accounts, one on Lemmy, one on Mastodon. Presumably somebody is mirroring this community to Mastodon, or perhaps the other way around, I'm not sure.