Linux security no longer a non-trivial issue?

Quick to answer questions about finding your way around Linux Mint as a new user.
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
runbei

Linux security no longer a non-trivial issue?

Post by runbei »

After reading about the Turla Trojan on Linux, I'm concerned. Particularly eye-opening is the fact that the X system is apparently horribly insecure.

See this PC World article: http://www.pcworld.com/article/2859122/ ... it-is.html

I would surely love to see a step-by-step article on locking down a Mint main edition system to block these threats.

Also, do the Mint developers plan to replace X, as Ubuntu appears to be doing with Mir? Here's a cut from the PC World article:
X.org has security issues going back 20+ years

Late last year, we learned there are a huge list of security vulnerabilities in the X.org graphical server and its libraries. Some of these security holes have been around for more than 20 years. The researcher who discovered these holes said X.org security was a disaster, and “it’s worse than it looks.”

This week, many of these security vulnerabilities were made public knowledge. Your Linux distribution should be rolling out security updates for your X.org server and proprietary NVIDIA driver shortly, if it hasn’t already. But, even after these patches, X.org security still doesn’t inspire much confidence.

X.org is such a big problem because it’s based on the X11 architecture, which originated 30 years ago. Thankfully, new graphical server technologies like Wayland and Ubuntu’s Mir are about to take X.org’s place.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Top
Edward M. Grant

Re: Linux security no longer a non-trivial issue?

Post by Edward M. Grant »

1. Don't install trojans.
2. Exploiting X bugs usually means that the code performing the exploit is already running on your machine, so your machine is already toast.
3. Wayland and Mir are sure to have exciting new security holes.
Top
Mute Ant

Re: Linux security no longer a non-trivial issue?

Post by Mute Ant »

Here are testable facts, and fixes...
http://www.x.org/wiki/Development/Secur ... 014-12-09/
...they are not complicated...someone skipped elementary software procedure, like input-sanitisation, boundary checks, overflow/carry tests. So X bravely tries to display a 16GiB wallpaper and crashes, that sort of thing.
Top
monkeyboy

Re: Linux security no longer a non-trivial issue?

Post by monkeyboy »

I always ask myself how many people do I know who have gotten burned and then act accordingly. Happily I haven't seem big/any numbers on this threat yet and the local user group is clean too.
Top
WharfRat

Re: Linux security no longer a non-trivial issue?

Post by WharfRat »

I'm sure more and more exploits will be discovered soon and made public.

For the really paranoid you can compile the kernel with PaX and Grsecurity

http://www.insanitybit.com/2012/05/31/c ... rsecurity/

Another alternative is hardened gentoo

http://wiki.gentoo.org/wiki/Hardened/In ... ned_Gentoo

Another trick, while you're incorporating Pax or compiling hardened gentoo's kernel, is to change all module options to built-in and disable loadable module support.

Good luck :wink:
Top
Locked

Return to “Beginner Questions”