How can Linux be safe when it is open source?
Question by Terafall

How did Linux have better security than Windows when everyone can look at its code? Shouldn’t that mean that Linux is easier to infect with malware, viruses and so on?


Answers (20)
  • Reý Aetar

    Once someone contributes to the source, it is reviewed by the officials. One more thing: the source is useless for a machine until someone compiles it, and once it is compiled it’s the same as closed source programs, just no question of being safe or unsafe. Yes, security holes are found and can be misused, but there are also others fixing them at the same time.
    And yes, this applies not only to Linux but to all open source programs out there.

  • Linda Dulin

    Need to find a Parental Control program that is supported by Linux.

  • Jimbo99

    First, the option to delete everything was hobbled a long time ago – it is no longer valid. Second, the option to delete everything is not a security issue, it’s a stupidity and/or abuse issue.

    The option to delete everything with a single command was hobbled a long time ago — you can no longer destroy your system with that command in Linux unless you intend to do it. In Windows you can still delete your Windows folder with a single command (using cmd.exe).

    Stating that Linux is vulnerable or insecure due to that one now hobbled feature is just flat out wrong. That command was rarely issued by people unless they were being misled by some vindictive person or someone playing a joke, or unless they intended to do it. In the case they did it by accident, a lot of conditions had to be right for it to do any harm.

    It doesn’t take much research in Google to find that the option was hobbled a long time ago so that people don’t make the mistake. Besides everything in Linux is done in a graphical desktop anyway without a root control, so most people are not using the command line but infrequently. There’s very little reason to be at the terminal prompt for the vast majority of Linux users.

    Yet, no matter how you look at it, it is not a security issue. Security involves working toward a safe environment free of bugs and exploits that allow others to penetrate your system and control it.

    Linux gets better every day. One of the philosophies of Linux is to update and release often. Because of this Linux is on the cusp of exceeding not only the value of Windows but also the usability.

    Linux is approximately 20 years old and benefits from having the code updated and released often adding a flexibility not shared by other legacy OSes such as Windows. All those eyes examining it for security issues and bugs keep it flexible and young at heart. Most operating systems are old, older than Linux.

    Microsoft’s OS is also old, older than Linux, but its core functionality, when it was first created, was based on the ability to have mom and pop use it, thus meaning they neglected security to accomplish that – they tacked it on after the fact, and they haven’t been able to resolve the security issues in the past 15 years.

    • Richard Carpenter

      The rm command is still treat…. It CAN be run from a script without root access, easily.

      Also, Linux is directly based off of Unix, which is roughly twenty years older than Windows.

      Linux is full of security vulnerabilities that the community doesn’t even care about, and will not fix. For instance, using net commands to control a box without any user rights…

      Linux is a good OS, but security is not a strong point.

    • Jimbo99

      The rm command *is* a valid command. It is used to remove (or rather delete) files. The rmdir command is used to delete folders. Parameters to the rmdir command allow you to recursively delete files and folders.

      Those commands are no more going away than the “del” command is going away in Windows.

      And, as I said, the issue isn’t unique to Linux. In Windows you can delete all those important files necessary to have Windows work. In OS X the same. In BSD and Sun the same.

      So it was not solely a Linux issue. The issue also existed in other OSes.

      The following link shows how the command is now configured in Linux/PC-BSD/Sun. Of course BSD and Sun pretty much are Unix. So is Mac OSX.

      In order to perform these actions you must now override a block. This means that if you try to use the command to remove these files you have to intentionally tell it to do so.

      In the past, few if anyone really deleted their whole file system by accident. The ones that did do it by accident had to be logged in as root and issue the command wantonly. We all know by now that we should not be logging in as root (so as to protect us from ourselves).

      Alternatively you might issue the command preceded by “sudo”, and yes, if you told it to do so then it would proceed.

      As the above links point out the commands are not unique to Linux. They are the same on BSD and Sun and OS X resulting in the same unhappy endings.

      As you can see from the second link they changed the command some time ago so that you had to intentionally override the block. Why it still exists is because you sometimes (albeit however rare) may have a reason to do it.

      To misrepresent the command as a security risk is irresponsible. When you then leave out that the other OSes suffered the same deficiency (where you can do the same thing) makes you doubly irresponsible, as if you are intentionally misleading people.

      Concluding, you can issue the same command or an equivalent in any of the popular OSes: Windows, Unix, OS X, BSD, and Linux. At least the *nix OSes have changed the command to force users to tell it to override the blocks. In Windows you can still easily destroy important files necessary to boot the OS.

    • Richard Carpenter

      This is not an issue with modern Windows (Vista and up) and cannot be executed without tweaking vs. just running the command in Linux.

      I have tried to do this several different ways (even through PowerShell) on Windows 7, Windows 8 RP, and Vista, just to see if it could be done… and it cannot. It’s just a Unix issue.

      It may not wipe your file system, but the command run from a normal user prompt will render it useless, unless the person on the other end is proficient with Unix environments. Of course, most people proficient with Unix wouldn’t run an rm with a wildcard anyhow…

      Also just tried on three machines running the latest and greatest of three hardened distros… all fell to my basic script mainly using the rm command and made the machines unusable. Took code from several bits and pieces of Unix malware for privilege escalation, etc., and the results were as expected: Unix is extremely vulnerable.

  • Anestis

    As other people have said, more eyes looking at the code means quicker fixes.

    Also, modern flavours of Linux force you to create a standard user account which you use day to day.

    If you need to install software or an application package, you need to provide the root username password (equivalent to admin username/password in Windows).

    This is unlike Windows, where the initial user account you create automatically also has admin access and allows any program to be installed without permission.

    Also, if you have UAC turned off in Windows this makes it easier for viruses and malware to be installed, as you get no warning.

    It also makes it more difficult for drive-by viruses and malware to be installed.

    So, it’s not so much the open source factor, but rather the philosophy and execution of the day-to-day user account between the two that makes it safer.

    Mac OS X has the same philosophy due to it running BSD UNIX as the underlying operating system.

  • rajaram342

    Does anyone here really know why Linux is virus proof? I would like to know!

    • Shehan Nirmal

      Linux is open-source. So the developers all over the world develop and update the security problems in Linux. Also, it always asks for the root password when someone tries to run a program that would access the system files and directories.

  • gpvprasad

    It’s very simple: Linux never fired anyone.

  • Jon Smith

    It is easier, like everyone said, but most computers used by consumers are still PCs, so hackers would go for the heavier user group.

  • Mike

    Let me give you another perspective:
    Open source and closed source operating systems are exactly the same.

    Why is very simple to explain:
    You have to put effort, time and thinking into either of them to make it safe.

    For example, you will see a lot of people (including here in the Answers section) who are still running Windows XP with Service Pack 2.
    Of course their proprietary software is not as safe as downloading the latest release of Ubuntu, because THEY failed to put the effort into installing all the latest updates or, better, upgrading to a fully patched Windows 7.

    On the other hand, a fully updated Windows 7 installation running Windows Defender and the Windows Firewall (both built-in) is probably more secure than an updated Ubuntu installation. The reason has already been stated. Everyone can browse through the source code to find exploits. With things like the SSH daemon running by default (allowing ‘remote root’) through the firewall, there is the possibility of someone logging/cracking into your system without you even noticing.
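
Whether a given machine accepts remote root logins over SSH, the setting mentioned in the answer above, can be checked from its sshd_config. The following is an added example, not part of the original answer: the sample configuration is constructed, the function names are hypothetical, and the defaults are those of upstream OpenSSH (a distribution may ship different ones).

```python
import re

# Constructed sample sshd_config for illustration (not from a real host).
SAMPLE_CONFIG = """\
# constructed example
Port 22
PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no
Match Address 10.0.0.0/8
    PermitRootLogin prohibit-password
"""

# Upstream OpenSSH defaults, used when a keyword is absent (assumption: no distro patches).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}

def effective_global_settings(text):
    """Return global (pre-Match) keyword values; sshd uses the first value it reads."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break                       # Match blocks are conditional overrides, not global
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        settings.setdefault(key, value.lower())   # later duplicates are ignored
    return settings

def audit_root_login(text):
    """Return findings about remote root login in the global section."""
    cfg = {**DEFAULTS, **effective_global_settings(text)}
    findings = []
    root = cfg["permitrootlogin"]
    if root == "yes":
        findings.append("PermitRootLogin yes: root may log in with any enabled method")
        if cfg["passwordauthentication"] == "yes":
            findings.append("PasswordAuthentication yes: root is exposed to password guessing")
    elif root in ("prohibit-password", "without-password"):
        findings.append("root login is limited to key-based authentication")
    return findings

if __name__ == "__main__":
    for finding in audit_root_login(SAMPLE_CONFIG):
        print(finding)
```

On a live host, `sshd -T` prints the effective configuration after defaults and includes are applied, which is more reliable than parsing the file by hand.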

  • Richard Carpenter

    Linux is extremely vulnerable, because, like you said, anyone can look at the code. It is very good at stopping certain attacks, but is really vulnerable to most basic attacks.

    There is a single command (rm) that can delete everything if run carelessly, or maliciously…

    Linux/Unix servers can be hardened, but it is a drawn out process. A newly installed Linux distro is far more vulnerable than a new Windows box, the difference is it is not being really targeted yet.

    Also, the Mac malware that has been seen in the wild could easily be ported to any major distro.

    Security by Obscurity is not a good answer any more.

    • Dalsan

      It may not make it safer, but less active to see the scale of malware that Windows has. It would be like saying a highway is safer with less traffic; in a sense it is as there would be less to deal with, but no since the only safe highway is one that is not used. There is no such thing as a safe operating system or program.

    • Richard Carpenter

      This is true, but Linux is aging. Compared to current Windows, Linux is defenceless… and it will not get much better any time soon.

  • Dalsan

    Another factor to the security is that it is the lesser used operating system in households and businesses. This was also the reason Apple’s computers were hacked into less and had less malware until recently. If it isn’t lucrative, then there is less reason to waste the effort and time on it. If Linux ever gets close to the same usage base as Windows or Apple has, then the same amount of problems with malware and hacking would appear. But, as Bruce said, open source has a big advantage over this, too.
