this post was submitted on 29 Jun 2025
-52 points (12.9% liked)

Linux

8249 readers
321 users here now

A community for everything relating to the GNU/Linux operating system

Also check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
-52
Linux suffers from a lot of unaddressed security problems. (programming.dev)
submitted 5 days ago by Pro@programming.dev to c/linux@programming.dev
16 comments fedilink hide all child comments
 

  • Not all distros ship SELinux and the ones that do, don't actually configure it securely.

  • New users are expected to keep copying and pasting commands from their browsers to their terminal which compromises some Linux security defenses.

  • KDE, GNOME and Sway are the only functional Desktop Environments/Window Managers that support Wayland all, while the Other DEs are not even close to shipping with Wayland.

  • Most if not all of the Linux Distros in 2025 ship with Grub bootloader, which suffers from a lot of problems, instead of using the bootloaders that does not support BIOS and will improve the reliability of booting and provide a more stable experience.

you are viewing a single comment's thread
view the rest of the comments
[–] mormund@feddit.org 8 points 5 days ago (7 children)

The default GRUB setup basically provides no security, even with UEFI secure boot enabled. On my default Debian install I can just edit the Kernel command line and get root without any password required. But beyond that, check out design goal 2 in this article https://0pointer.net/blog/fitting-everything-together.html

[–] anamethatisnt@sopuli.xyz 14 points 5 days ago (6 children)

Honestly I simply found the statement to give very little to discuss.
Regarding editing the Kernel command line; that would require that you already have access to your Debian install and have the rights to edit the Kernel command line.

Regarding your link in general I find myself at odds with development practices that removes my own agency. I can see how for many end-users it's good, just like how most car owners shouldn't try to fix their car troubles themselves, but I would start looking for another OS if it starts pulling auto-updating á la Windows.

[–] mormund@feddit.org 2 points 5 days ago (5 children)

No. You can edit the Kernel command line directly from GRUB before booting into anything else. That is the default behavior (with Debian).

Yes, it is more aimed towards "casual" users that want something that just works. But auto-updating policy is not really the point of the blog. Every distro is deciding that by themselves and will always be able to.

[–] anamethatisnt@sopuli.xyz 4 points 5 days ago

Could be an idea to make it easier to set a grub password during distro installation, that I can agree on.

load more comments (4 replies)
load more comments (4 replies)
load more comments (4 replies)