Good post. You are thinking. I like that.
My overall impression so far is that I think Linux relies a bit too much on its permission system to secure itself, which was really what I was trying to imply in my earlier post.
The ownership/permission system in Unix/Linux is much more fine grained than with Windows. It ties in nicely with the unified file system. In Unix/Linux everything is a file/folder. No device, real or virtual, can be recognized, used, or manipulated unless it is mounted to a file/folder in the file system. Therefore, controlling what can be done with a file and who can do it is a powerful tool to control access.
It is debatable of course, but I think the biggest single flaw in the Windows system is the executable extension. Anybody, from anywhere, can attach the .exe extension to a file and Windows will try to run it. In Linux this is part of the permissions system. Files cannot be executed, with one exception, unless the execute flag is set locally. And then it can only be run with the permissions of the user that owns it.
This system may seem simplistic. It is in its basic concepts, but there are almost endless possibilities in its applications and uses. SELinux is an outgrowth or set of extensions that just expands the granularity of these permissions. I am not that familiar with AppArmor, having only used it a few times, but it too expands upon the basic permissions to control what resources applications have access to as well, often called DAC or MAC. It is kinda like group permissions on steroids.
In my opinion, using SELinux or AppArmor on a desktop system is at best overkill. At worst, a waste of resources and a maintenance nightmare on a system that is constantly changing, as desktops typically do, and is a pain to have locked down.
... but anything that makes it past the rigid permission system and gains root access by some kernel vulnerability, zero-day remote exploit, or just plain negligence from the user would be able to wreak havoc on the OS with practically no way of stopping that piece of malware (if it gets root privs, it can do anything, right?). It seems that malware prevention in Linux revolves mostly around the idea of making sure that the virus never gets root access, and if it does, it's game over...or am I missing something?
Yes, you are correct. Root is God, and can do anything. If root tells the system to burn down your neighbor's house, shoot your dog, throw your wife out on the street, and then self destruct, i.e. commit suicide, it will promptly and happily do so without warnings or regrets.
The only flaw in your statement is about the virus. A virus must not only be able to live/run on your system but it must be able to replicate/infect other machines. This is a problem with Linux machines, hence the difficulty for Linux viruses surviving in the wild. To date, most Linux users don't invite/enable viruses to run on their boxes by operating in root or doing other dumb things. That may change as more and more Windows users with bad habits migrate to Linux though. Time will tell.
When bad-mouthing Windows users I should, in a sense of fairness, say that it isn't all the Windows user's fault. In fact, it is more Microsoft's and their proprietary software partners' fault. They have never really built a multi-user networking system and software stack. Much Windows software has to be run as root to function, and Microsoft has traditionally, if not encouraged it, certainly allowed it to happen. Microsoft has spent untold fortunes indoctrinating users with bad habits and pervading false assumptions.
Fred, isn't the default permission setting for /home 755? I could be wrong though, and I probably am.
The thing is, there seems to be a trade-off with permission settings; the less permissive you are, the less functionality
You should not have the ability to execute things in your home folder. The exception to this is your auto start folder. I can't say for sure, as I don't have Mint 8 currently installed on this box, but it should not be 755. 644 is usually the default on most desktops and past versions of Mint, but it is up to the distro developer of course. Your last thought would be better expressed using the word "flexibility" in place of the bold in your quote. The functionality is still there, it just isn't accessible.
Below is a post that may start you down the permissions path. Just be careful when playing with permissions and think through what you need to do. A short pencil is better than a long memory when trying to explain to someone how you managed to break your system. viewtopic.php?f=90&t=34206&p=197520&hilit=Fred+mess#p197520
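As an added illustration of the two points made in this thread (a file's execute bit, not a ".exe" name, decides whether Linux will run it; and what 644 versus 755 actually means), here is a small POSIX shell script that is not from the original posts. The file name `demo.exe`, the helper names and the temporary directory are my own constructed choices; it assumes a plain three-digit octal mode and a writable, executable working directory.

```shell
#!/bin/sh
# Added example, not from the forum thread above.

# Decode a three-digit octal mode (e.g. 755) into the rwx string
# that ls -l shows for owner, group and others.
mode_to_symbolic() {
    octal=$1
    out=""
    while [ -n "$octal" ]; do
        digit=${octal%"${octal#?}"}   # first remaining digit
        octal=${octal#?}              # drop it
        case $digit in
            7) out="${out}rwx";; 6) out="${out}rw-";; 5) out="${out}r-x";;
            4) out="${out}r--";; 3) out="${out}-wx";; 2) out="${out}-w-";;
            1) out="${out}--x";; 0) out="${out}---";;
            *) echo "bad digit: $digit" >&2; return 1;;
        esac
    done
    printf '%s\n' "$out"
}

# Return 0 when some class (owner, group or others) has the execute bit,
# i.e. when any digit of the mode is odd.
mode_allows_exec() {
    case $1 in
        *[1357]*) return 0;;
        *)        return 1;;
    esac
}

# Live check: create a shell script named like a Windows program, give it
# the requested mode, try to run it, and return the exit status the shell
# reports (0 = ran, 126 = permission denied because no execute bit is set).
exec_status_with_mode() {
    mode=$1
    dir=$(mktemp -d ./permdemo.XXXXXX 2>/dev/null || mktemp -d)
    printf '#!/bin/sh\necho ran\n' > "$dir/demo.exe"   # the name means nothing here
    chmod "$mode" "$dir/demo.exe"
    if "$dir/demo.exe" >/dev/null 2>&1; then
        status=0
    else
        status=$?
    fi
    rm -rf "$dir"
    echo "$status"
}
```

Running `exec_status_with_mode 644` yields 126 even when invoked as root, because the kernel refuses to execute a file that carries no execute bit at all; `exec_status_with_mode 755` yields 0.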