Superiority of Linux security

Mohammad M Rahman
3 min read · Jul 15, 2022

Linux is a very secure operating system since it is rarely attacked by malware such as viruses, worms, and other threats. As typical users, we will never encounter a circumstance where antivirus software is being sold for Linux. This indicates that Linux is intrinsically secure for a variety of reasons.

The development of the Linux Kernel follows an extremely process-oriented, designed methodology. The entire source code is separated into various subsystems, each of which is maintained by a subsystem maintainer (for example, memory management). Each and every modification that is being incorporated into the mainline Kernel is thoroughly reviewed by this maintainer and a group of reviewers, ensuring that it is secure by design.

The Linux kernel comes equipped with a wide range of built-in security defenses, such as firewalls that use kernel-based packet filters, the UEFI Secure Boot firmware verification mechanism, the Linux Kernel Lockdown configuration option, and the SELinux or AppArmor Mandatory Access Control (MAC) security enhancement systems. Administrators can increase the security of their systems by enabling these features and customizing them to offer the highest level of security, a process known as Linux kernel self-protection.

Linux limits access through precisely defined privileges at various levels. For instance, there are access rights at the “root” level (equivalent to “administrator” in any OS) that are not granted to other users. Ordinary users only have accounts with limited access at lower levels. When a Linux system is infiltrated, malware or viruses are unable to get root access and cause widespread harm. Only a user’s local files and applications will be impacted because the average user does not have access to all of the system’s files. This makes Linux-based computers less susceptible to viral effects. Because Linux users do not have root access, it is challenging to harm the system.

User space and kernel space are clearly separated in Linux. Users never see the real physical address assigned to any process. For instance, try printing an address from the parent process and from any children that the fork() system call has produced. The virtual address will be the same for both the parent and child processes. This is because a program can only access virtual addresses, which are mapped to physical addresses. As a result, the genuine physical address space cannot be damaged. Linux is more secure because of this memory management strategy.

A security feature of Linux called SELinux gives users and administrators additional control over file access. The Linux Kernel offers a configurable mandatory access control (MAC) system. The ability to access things like files, connections, etc. is granted to any process or application that is currently running as a user. System administrators should decide how sophisticated the policies for their server environment need to be. The MAC kernel aids in defending the system against programs that can harm it. This is Linux’s next level of security.

(Zhai & Li, 2008; Why Is Linux More Secure than Other Operating Systems?, 2017; Day, 2021)

References

Day, B. (2021, October 25). How Secure Is Linux? Linuxsecurity.com. https://linuxsecurity.com/features/how-secure-is-linux

Why Is Linux More Secure than Other Operating Systems? (2017, October 12). Emertxe. https://www.emertxe.com/embedded/why-linux-is-more-secure-than-other-operating-systems/

Zhai, G., & Li, Y. (2008). Analysis and Study of Security Mechanisms inside Linux Kernel. 2008 International Conference on Security Technology. https://doi.org/10.1109/sectech.2008.17
