Linux

48031 readers

1156 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Recommend security-first basic Linux Apps! (github.com)

submitted 11 months ago* (last edited 11 months ago) by Pantherina@feddit.de to c/linux@lemmy.ml

8 comments fedilink hide all child comments

As part of the effort of making a "Chromebook-like" secure, autoupdating, cloud-native, "unbreakable" (but still free and privacy-friendly) Distro, I would like some of your recommendations on especially secure software, that could replace common ones like File managers, Archive Managers, PDF reader, Image viewer etc.

I am thinking of Loupe, GNOMEs new image viewer written in Rust, that opens SVGs in a sandbox to avoid issues here.

Memory safety, resonable simplicity, updated code, these should be requirements.

Any other recommendations? Thanks guys!

Btw Flatpaks are working now! Come and test Secureblue!

all 9 comments

sorted by: hot top controversial new old

[–] GustavoM@lemmy.world 13 points 11 months ago (2 children)

firejail

ufw

And docker if you are paranoid. (You can completely shut off the network of specific commands -- can't get any better (and safer) than that!).

[–] Pantherina@feddit.de 12 points 11 months ago (2 children)

Firejail has some big security flaws. There us bubblejail, which uses the way better bubblewrap also used for Flatpaks.

But the Bubblewrap and Flatpak Situation is quite complex. Flatpaks, as well as Podman containers, require user namespaces. Through these namespaces programs can get privileged access to system components, which is why secureblue now has bubblewrap-suid installed.

bubblejail maybe uses that binary already, or it needs to be patched too.

[–] idiocracy@lemmy.zip 2 points 11 months ago

I keep seeing firejail being recommended though, were the security flaws still not fixed?

[–] draughtcyclist@programming.dev 8 points 11 months ago (1 children)

I love ufw... So straightforward and easy to use.

[–] JustEnoughDucks@feddit.nl 3 points 11 months ago (1 children)

It's a pity that docker doesn't work with it well...

[–] GravitySpoiled@lemmy.ml 2 points 11 months ago (1 children)

Doesn't podman solve that issue?

[–] Pantherina@feddit.de 4 points 11 months ago

Yup securitywise I would also say Podman > Docker