this post was submitted on 09 Jul 2023
84 points (80.0% liked)

Linux

48012 readers
1562 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

A discovered vulnerability for privilage escalation https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html?m=1

If system security is the most important criteria above everything else, switch to using BSD.

top 20 comments
sorted by: hot top controversial new old
[–] [email protected] 88 points 1 year ago (2 children)
[–] [email protected] 7 points 1 year ago

Why isn't this top comment lol

[–] [email protected] 3 points 1 year ago (1 children)

What I'd like to know is, how can I find out when these kernel patches came or will come to something like Ubuntu or CentOS or SLES?

[–] [email protected] 2 points 1 year ago

Opencve.

Also, just hook up to yum and keep that test VM set updating daily.

EL has been so stable that I've had a good portion of the herd cron-yumming for about 20 years now. It's gone about 2% to shit since systemd and networkmangler and other useless fridge art, but it's still the easiest method to avoid 95% of problems.

You may not like the numbers, but 7 THOUSAND consecutive successful update runs is a decent enough track record for me. Make sure to needs-rebooting&&reboot on a decent schedule.

[–] [email protected] 50 points 1 year ago* (last edited 1 year ago) (4 children)

switch to using BSD

TempleOS has always been the answer, no vulnerabilities as it can't even connect to the internet

[–] [email protected] 20 points 1 year ago

They hated him because he spoke the truth

[–] [email protected] 17 points 1 year ago

Can't have a privilege escalation when there are no privileges, since every process runs in the same address space in ring 0.

[–] [email protected] 9 points 1 year ago

Who needs the internet when you have a direct connection to His Kingdom.

[–] [email protected] 8 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago

it apparently has a Moses simulator or something like that

[–] [email protected] 43 points 1 year ago (1 children)

If system security is the most important criteria above everything else, switch to using BSD.

nice bait mate.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

After reading this i immediately switched to BSD.

[–] [email protected] 27 points 1 year ago (1 children)

BSD boosterism is a meme, I know, but honestly this is the incorrect take.

Anything as large and complicated as a kernel has bugs. Some of those bugs may be security related. If security is your concern, you want to use the kernel which has people actively publishing those bugs so they can be patched.

The fact you haven't seen privilege escalation vulnerabilities in BSD isn't necessarily because they aren't there. We don't know that. What we do know is that not as many people are looking.

[–] [email protected] 18 points 1 year ago

The fact you haven’t seen privilege escalation vulnerabilities in BSD isn’t necessarily because they aren’t there.

aka 'absence of proof isn't proof of absence'.

[–] [email protected] 17 points 1 year ago (1 children)

So you switch your OS every time a vulnerability is discovered in it? You'd run out of OSs really fast

[–] [email protected] 2 points 1 year ago

That's the goal of OpenBSD, to prioritize security and actively find ways to crack or break OpenBSD in order to consistently harden it to the point that people at DEFCON conferences have given up trying to hack it due to being such a lengthy process each time only to fail.

[–] [email protected] 13 points 1 year ago

If system security is the most important criteria above everything else, switch to using BSD.

Jingoism aside, anyone running enterprise Linux is also not affected.

So calm down. It's just the "concept car" versions affected, and your work shouldn't be calling you for anything.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Switch to using BSD

As a person who was using OpenBSD as a main driver for 2 years, yeah it's got it's benefits and the like. But I'll stick to Parabola anyway.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Trippy. I was just tempted to make a post asking about how hard it would be in rust to make a program with high end security and privacy. I decided not to, but then starting to wonder if memory could be put onto the swap file and then edited, and they this post showed up. I thought clearly, without a doubt they would make the swap system near perfect and i shouldn't worry about that. haha

load more comments
view more: next ›