this post was submitted on 05 Dec 2023
21 points (76.9% liked)
Linux
48310 readers
645 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I.e. how malware could easily catch your Sudo password without root access.
Peeps, bad news, Linux is damn insecure.
By simply placing an alias in your bashrc they could already grab your sudo password.
Another bad news, this Windows "okay" Button without any password is actually more secure.
In other words: a compromised system at the User level can easily compromised at the admin level if there are no additional checks/measures in place. Same for Windows. Just change the link to a Programm you commonly need the press OK to to you maleware. Profit.
The proper way to handle issues like these is process level permissions (i.e. capability systems), instead of user level. Linux CGroups, namespaces, etc. are already moving that way, and in effect that's the way windows is trying to head too. (Windows has its own form of containerization called AppContainers, which UWP apps use. Windows also has its own capability system).