Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You probably should be aware, and make 100% certain that you do not download or activate any files that are not 100% trusted. That includes being extremely careful what you receive in emails and what web sites you visit or download from.
Safe practices have always been to scan files before opening and never run unvetted software.
Gotta be pretty thick-skinned not to be concerned. Note the others listed at the end under surge - there is some seriously impressive code being deployed against linux these days.
The biggest point of vulnerability in any computer system is PEBCAK.
And that's more true now than it ever has been, as dodgy links and untrustworthy emails and questionable "social" media posts have become the leading ways of spreading malware.
Wow... and I thought the whole point of Linux was to be a viable, safe alternative to MicroSoft Windows, in the battle to secure our privacy and data.
Security always depends on the maintainer, not on the OS. So linux is not safe by itself, but you can make it secure. And you can do that with windows too.
Meh. Malware which requires that I download it and run it as root is not something I fear.
Any decent threat will make use of an exploit that exposes root privileges, but doesn't itself require the same. That sort of attitude is why they are so successful.
This is one reason why "the account that you use every day" should not be a member of the wheel group. It should not be capable of "sudo."
Only one account – not named "admin" or "administrator" – should be reserved for system maintenance purposes. And you should use it for nothing else.
This is commonly referred to as the Principle of Least Privilege. Computers are terrible at knowing when to say "yes," but they're great at saying "no."
You probably should be aware, and make 100% certain that you do not download or activate any files that are not 100% trusted. That includes being extremely careful what you receive in emails and what web sites you visit or download from.
Safe practices have always been to scan files before opening and never run unvetted software.
I only download/install software from Linux; however, I also use software from the Google suite of products in the course of my daily business.
This is one reason why "the account that you use every day" should not be a member of the wheel group. It should not be capable of "sudo."
Only one account – not named "admin" or "administrator" – should be reserved for system maintenance purposes. And you should use it for nothing else.
This is commonly referred to as the Principle of Least Privilege. Computers are terrible at knowing when to say "yes," but they're great at saying "no."
So, to be clear, you're saying that I should have two accounts, i.e., a user account and a super user account, and I am to to use the user account for my day-to-day biz?
So, to be clear, you're saying that I should have two accounts, i.e., a user account and a super user account, and I am to to use the user account for my day-to-day biz?
Bing, bing, bing! Now the light comes on.
This has been stated many times over the years.
The main way any exploit is effective is if the user allows a means for the malware to access admin privileges. The main user account usually has access to sudo whereas most other users do not. Ergo, most users cannot break the system but the admin user may.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
