LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-07-2005, 01:17 AM   #1
Nad0xFF
Member
 
Registered: Apr 2005
Location: Russia, Saint-Petersburg
Distribution: Slackware 10
Posts: 109

Rep: Reputation: 15
Is linux so secure just due to lack of users?


What do you think?

In Windows (IE, oe Explorer, services) there are discovered very much bugs, which allow to install spyware, malware and so on. May be linux is so secure just because it is not able to get money from it's hack? (No users -> No spyware -> no money -> not need to find a bugs)



P.S. May be for this thread is more suitable to be in Linux-General :-\

Last edited by Nad0xFF; 04-07-2005 at 01:19 AM.
 
Old 04-07-2005, 01:24 AM   #2
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 75
Linux is more secure because of its security model. By default it does not run with administrator privileges, so its difficult to compromise the system unless you know the root password. File ownership also prevents things like malware, spyware etc, because usually if you are not the owner of a file, then you can't make any changes to it.
 
Old 04-07-2005, 01:31 AM   #3
Nad0xFF
Member
 
Registered: Apr 2005
Location: Russia, Saint-Petersburg
Distribution: Slackware 10
Posts: 109

Original Poster
Rep: Reputation: 15
But there might be bugs with getting root privilegies
 
Old 04-07-2005, 02:44 AM   #4
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: PCLINUXOS
Posts: 2,877

Rep: Reputation: 88
Quote:
Is linux so secure just due to lack of users?
Yes, that is completely true. None of us here use Linux and that makes it very secure.
 
Old 04-07-2005, 03:48 AM   #5
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
Quote:
Is linux so secure just due to lack of users?
I'd really like to debunk once and for all the myth that more users means more crap (malware, virus, poor security), but I don't think that's possible; instead I'll just debunk you

An excellent argument has been made, but I can't remember where; I think it somehow included ESR--maybe check the halloween documents?

Anyways, the argument is:
about ~70% (+-10) of the servers run on the net is Apache. A somewhat smaller part is M$'s IIS (the Inconvenient Interruption Server or something like that). The highest (absolute, _not_ relative) number of attacks were made on IIS. The highest number of successful attacks, also IIS.

(iirc)

The conclusion was: no, fewer users doesn't mean that it's more secure. A good security model and policy gives a foundation for security. What you build on that foundation defines the quality of your security. Running things outside of kernel space is a good idea. M$ doesn't seem to understand this: they put graphics (=something between X and gtk) in the kernel. Crash that and you crash [or worse, take over] the kernel.

the short version:
Linux is safe because it's made to be safe.
Windows is unsafe because it's either (a) not designed to be safe; or (b) the safety is designed/implemented/made wrong.

hth --Jonas Kölker
 
Old 04-07-2005, 09:03 AM   #6
aqoliveira
Member
 
Registered: Dec 2001
Location: Portugal
Distribution: /Red Hat/Fedora/Solaris
Posts: 622

Rep: Reputation: 30
Howzit

First take a look at my signature

Just to say that the safest OS in the world running on any platform is the one that is not powerd on. In my opinion i think that Windoze is less safer than Linux due to the fact that users can run with Admin rights. It also comes with a whole lot of services that are enabled by default which can cause tremendous amounts of problems.

I have read those white papers about Windoze vs Linux and my conclusion is that no matter what OS u run u have to have a good policy in place this is fundamental. This will encorporate OS lock down; Physical Lock down and recovery procedures when things do go wrong.

I also agree with the poster above about there are less attackes against Linux because there are not many people using it this is a lot of Hog wash, all systems can be made as safe as possible., but must say with my experiance there has been less problems with *NIX OS than with M$.

cheers
 
Old 04-07-2005, 09:18 AM   #7
skoot
Member
 
Registered: Apr 2005
Distribution: Ubuntu
Posts: 70

Rep: Reputation: 15
although im just a newby, i dont believe any of you have yet answered the question correctly and concisely.
linux is fundamentally more secure because of the structure of its file/permissions system. this system ensures that no code can be run nor files saved without the permission of the owner of the files(providing the permissions have been set correctly). older versions of windows(im not sure but i dont think the newest versions do this) do not have such security meaning that a web site can send any code it likes to internet explorer and IE will run it so that you can view the website(on the IE screen). in fairness, microsoft most probably did this in the beggining to allow for smoother and easier internet surfing, but evidently the plan backfired - these days you must have security, letting anyone run code on your pc is is quite obviously ludicrous.
(my say is said;P)

in other words.no, it is not because less people use it, it is actually more secure.

Last edited by skoot; 04-07-2005 at 09:20 AM.
 
Old 04-07-2005, 04:01 PM   #8
frgtn
LQ Newbie
 
Registered: Mar 2005
Location: Kaunas, Lithuania
Distribution: Slackware 10.1
Posts: 28

Rep: Reputation: 15
hi
Well you can make a windows box secure and you can make a linux box unsecure. I think a very important part is the user/admin. Windows was always the easy-to-use choice, so if it's too hard to maintain a linux box, people use windows, mostly not caring about security too much because of their lack of intelligence/commitment. There's also another thing that makes linux secure - because it's open source! If you feel you don't like/don't need a part of a program you can always rewrite/disable it. Try this on ISS.
 
Old 04-08-2005, 02:45 AM   #9
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
Quote:
Well you can make a windows box secure
you need to work on your `suspension of disbelief'
 
Old 04-08-2005, 07:06 AM   #10
Nad0xFF
Member
 
Registered: Apr 2005
Location: Russia, Saint-Petersburg
Distribution: Slackware 10
Posts: 109

Original Poster
Rep: Reputation: 15
You all here speak about "security model" of linux. But what about hacking it and getting root account? What about such bugs?
 
Old 04-08-2005, 11:26 AM   #11
japetto
Member
 
Registered: Dec 2004
Posts: 61

Rep: Reputation: 15
Quote:
You all here speak about "security model" of linux. But what about hacking it and getting root account? What about such bugs?
no operating system is fully secure. any one can be broken/hacked. that is at least obvious, if not inevitable. the real importance of security is to make things less possible for the attacker. besides poorly written or evaluated code there are many weaknesses within windows to exploit. they are there from the oem install without most end users even knowing about them. there sum is greater that that of linux's weaknesses based on the fact that a clean linux install does not offer as many exploits. people using linux are more likely to educate themselves on security and in effect greaten linux's security because it is a community based operating system.
 
Old 04-08-2005, 12:03 PM   #12
perfect_circle
Senior Member
 
Registered: Oct 2004
Location: Athens, Greece
Distribution: Slackware, arch
Posts: 1,783

Rep: Reputation: 52
Is linux so secure just due to lack of users?

The answer is yes and no. The time a linux box will stay on line without a firewall and without beeing attacked is a lot more that it is with windows boxes. This has not to do with being more secure but with being less popular.

On the other hand a program can be considered to be more secure if it does not have the tendency to encourage users do security mistakes. Being root all the time, is really dangerous, and this is what all windows users do.

Last edited by perfect_circle; 04-08-2005 at 03:47 PM.
 
Old 04-08-2005, 03:02 PM   #13
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Quote:
Originally posted by skoot

-{Snip}-

in other words.no, it is not because less people use it, it is actually more secure.
Sorry, but no ... Anything built on the NT line has more file permission control than an out of the box Linux. MACs were available on NT4 *long* ago.

Without SELinux (or one of the workalikes) UNIX filesystems are *less* secure than Windows ones. The reason that it appears the opposite is that

a) Windows users typically run as root (Administrator) all the time (the fact that M$ designed it so that you have to for all the functionality to work is *NO* help in curbing this behavior), and

b) Windows give "Everyone" full control by default. In the *NIX world this is roughly the same as setting your umask to 0000 ...

To answer the OP's question -- yes. You can bet if linux came installed on every off the shelf PC and the scum of the internet thought they could make a buck by exploiting it that they would at every possible opportunity. That doesn't mean that they wouldn't have to work harder to do so ...

Last edited by sigsegv; 04-08-2005 at 03:05 PM.
 
Old 04-08-2005, 03:41 PM   #14
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
Quote:
Sorry, but no ... Anything built on the NT line has more file permission control than an out of the box Linux.
Sounds interesting; could you elaborate on this? Which flags (and other mechanisms) does it have that *nix doesn't?

thanks,

Jonas

Last edited by jonaskoelker; 04-08-2005 at 04:08 PM.
 
Old 04-08-2005, 04:01 PM   #15
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Google for "Mandatory Access Controls"

My earlier statement is based on the fact that Windows has had MAC for years while they're a fairly new addition to Linux (and still an add on)

Last edited by sigsegv; 04-08-2005 at 04:02 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot finihs installation due to lack of internet connection. Lechium Debian 3 07-30-2004 04:14 AM
Paranoia due to lack of knowledge downinthemine Linux - Security 2 12-04-2003 12:37 AM
RH9 won' boot due to lack of space ravykanth Linux - Newbie 6 10-27-2003 10:07 PM
Linux doesn' boot due to lack of hard disk space ravykanth Linux - General 1 10-27-2003 03:44 PM
gtk+-2.2.4 not installing due to lack of glib hamish Linux - Software 3 09-17-2003 11:24 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration