Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-09-2012, 04:43 AM   #1
LQ Newbie
Registered: Aug 2012
Posts: 16

Rep: Reputation: Disabled
GUI and security

Someone told me that installing linux on the server without the graphical interface components will help secure the system.

I am curious to know why the graphical components can add security risk to the system?

Old 11-09-2012, 04:52 AM   #2
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738
Disclosure: I'm no expert at computer security.

Assuming that we define security as simply blocking unauthorized users, then I don't see how there would be an issue. I think the real issue comes with all the ways to manipulate programs to do bad things (without ever actually logging on the the system). In these cases, I'd assume that less installed SW (GUI or otherwise) would result in higher security.

Someone told me...
Ask them why....
Old 11-09-2012, 05:30 AM   #3
LQ Newbie
Registered: Aug 2012
Posts: 16

Original Poster
Rep: Reputation: Disabled
their answers seem to be as what you said:-)
Old 11-09-2012, 09:44 AM   #4
Registered: May 2001
Posts: 29,371
Blog Entries: 55

Rep: Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555
Originally Posted by narin1975 View Post
why the graphical components can add security risk to the system?
There's a few ways to approach such a question:
0. The first would be to look for the reason one would want a graphical server in the first place. Often this stems from a lack of basic Linux knowledge (let's leave out the sheer lazy, the criminally irresponsible and those who actually know what they're doing). Basic familiarity (sure some tasks may require a GUI) with "doing things the Linux way" gained by reading and practicing alleviates the need for a GUI in the first place.
1. Secondly one of the basic rules tells you to only install what software you need right now. Practically speaking this minimizes time spent on maintenance (having to configure users and software, check for security fixes, etc, etc.) and it minimizes exposure. Simply put if the network port isn't accessible it can't be accessed, if the process isn't running it can not be subverted and if the software isn't installed then no user can fsck it up exploit it.
2. The third one is to look at the effect of having and running a graphical server. In its simplest incarnation the "graphical interface components" you talk of require an Xserver, its extensions, low level functionality, graphical and other libraries and drivers, a font server, a Window Manager (WM) and X-capable utilities. If you perform a standard installation of a mainstream Linux distribution you get on top of that a complete Desktop Environment (DE) including a graphical Display Manager (DM), File Manager (FM), multi-media and other utilities plus their supporting binaries and libraries. Apart from the expanded footprint such an installation offers, running the Xserver itself poses problems in the way its drivers (ab)use memory and manipulates devices ('man ioctl') to get things to work, a DM may listen to the network for connections, a WM or FM may come with "features" that can be abused (say autorun settings). And that's just the tip of the iceberg.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The Linux Security Circus: On GUI isolation LXer Syndicated Linux News 0 04-24-2011 02:20 PM
Secure Debian-based with GUI distribution? Security reading material (e-versions)? computer_freak_8 Linux - Distributions 10 08-12-2009 12:12 PM
Writing GUI front-ends: what language + what GUI library? pear Programming 7 07-07-2008 08:17 AM
GNU/Linux GUI Security Suite gashgordon Linux - Security 24 09-23-2007 01:46 AM
GUI login, security hole Darin Linux - Security 2 01-30-2003 01:27 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:07 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration