Linux security no longer a non-trivial issue?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
Level 3
Level 3
Posts: 168
Joined: Fri Jul 25, 2008 12:49 am
Location: Mountain View, CA

Linux security no longer a non-trivial issue?

Post by runbei »

After reading about the Turla Trojan on Linux, I'm concerned. Particularly eye-opening is the fact that the X system is apparently horribly insecure.

See this PC World article: ... it-is.html

I would surely love to see a step-by-step article on locking down a Mint main edition system to block these threats.

Also, do the Mint developers plan to replace X, as Ubuntu appears to be doing with Mir? Here's a cut from the PC World article: has security issues going back 20+ years

Late last year, we learned there are a huge list of security vulnerabilities in the graphical server and its libraries. Some of these security holes have been around for more than 20 years. The researcher who discovered these holes said security was a disaster, and “it’s worse than it looks.”

This week, many of these security vulnerabilities were made public knowledge. Your Linux distribution should be rolling out security updates for your server and proprietary NVIDIA driver shortly, if it hasn’t already. But, even after these patches, security still doesn’t inspire much confidence. is such a big problem because it’s based on the X11 architecture, which originated 30 years ago. Thankfully, new graphical server technologies like Wayland and Ubuntu’s Mir are about to take’s place.
Edward M. Grant
Level 1
Level 1
Posts: 44
Joined: Sun Feb 16, 2014 7:03 pm
Location: Canada

Re: Linux security no longer a non-trivial issue?

Post by Edward M. Grant »

1. Don't install trojans.
2. Exploiting X bugs usually means that the code performing the exploit is already running on your machine, so your machine is already toast.
3. Wayland and Mir are sure to have exciting new security holes.
Mute Ant
Level 14
Level 14
Posts: 5129
Joined: Tue Sep 03, 2013 7:45 pm
Location: Norfolk UK

Re: Linux security no longer a non-trivial issue?

Post by Mute Ant »

Here are testable facts, and fixes... ... 014-12-09/
...they are not complicated...someone skipped elementary software procedure, like input-sanitisation, boundary checks, overflow/carry tests. So X bravely tries to display a 16GiB wallpaper and crashes, that sort of thing.
While you're waiting, read the free novel we sent you. It's a Spanish story about a guy named "manual".
User avatar
Level 5
Level 5
Posts: 781
Joined: Mon Oct 13, 2008 11:30 am

Re: Linux security no longer a non-trivial issue?

Post by monkeyboy »

I always ask myself how many people do I know who have gotten burned and then act accordingly. Happily I haven't seem big/any numbers on this threat yet and the local user group is clean too.
If you don't like it, make something better
If you can't make something better, adapt
If you can't do either ball your panties up and cry.

Complaining is like masticating most anyone can do it.
However doing it in public is really hardcore.
User avatar
Level 21
Level 21
Posts: 13906
Joined: Thu Apr 07, 2011 8:15 pm

Re: Linux security no longer a non-trivial issue?

Post by WharfRat »

I'm sure more and more exploits will be discovered soon and made public.

For the really paranoid you can compile the kernel with PaX and Grsecurity ... rsecurity/

Another alternative is hardened gentoo ... ned_Gentoo

Another trick, while you're incorporating Pax or compiling hardened gentoo's kernel, is to change all module options to built-in and disable loadable module support.

Good luck :wink:
Post Reply

Return to “Newbie Questions”