Is Linux more Secure than the other Operating Systems?
A brief about OS
Before getting into why is linux more secure than other operating systems, let us have a look into the brief on Operating Systems. Operating System is a software, that manages all hardware resources associated with the computer. Generally, Operating System is comprised of number of pieces such as the Boot loader, the Kernel, Daemons, Desktop environment and applications. Typically, OS is deployed in any system when multi-tasking required to be performed, which is achieved by resource management functionality of the OS as mentioned above.
Along with that, the user also requires interface with the system to interact and invoke various applications. In modern day OS, these interfaces (popularly known as GUI) are expected to provide best-in-class User Experience (UX) to the users, by making it easy to use the system.
Understanding Linux
Linux is a free, open-source software OS distribution built around Linux Kernel. It was first developed for personal computers based on x86 architecture. From initial days, Linux has grown leaps and bounds which is now supporting every popular architecture that we can think of (ex: ARM). To suite any type of user / customer requirements, Linux has a number of different versions. They are called as “distributions” or “distros” in short. Popular distributions are Ubuntu (Normal user), Suse / Redhat (Enterprise servers), Cent OS (Cloud platforms). In fact, Android is also based on Linux Kernel, which has become very popular OS for mobile phones and embedded devices. There are more flavor/versions of Linux available other than the above mentioned.
Linux and Security:
Linux systems are rarely infected by malware such as viruses, worms etc, thereby making it as a very secure OS. As a normal user, we will never come across a situation where Antivirus software is been sold for Linux. This means, Linux is inherently secure and there are many reasons associated with it. Let us look into the key reasons that describes why is linux more secure than other operating systems.
- Privileges
To start with, Linux has clearly defined privileges at multiple levels, thereby restricting access. For example, there is a ‘root’ level access rights (which you can relate with ‘administrator’ in any OS) which are not given to any normal user. Users are given access only to lower level accounts with limited access. When a Linux system is compromised, virus or malware will not get the root access to damage system wide. Only local files and programs of users will be affected, as the normal user will not have access permission to all the files in the system. This leads to least effect of virus in systems with Linux. As Linux users don’t have root access, it is difficult to cause damage on Linux.
- Open Source
As most of you may be aware, Linux Kernel is an open source software. This means the code is developed and maintained by set of highly passionate individuals who is often called as “community”. Since the beginning of Linux, its creator Linus Torvalds has been a strong supporter of getting more “eye-balls” looking into the code. This means the more people see the code and review or test it, the quality improves. Even though this concept applies to all open source software development, for Linux it is followed very religiously.
The Linux Kernel development happens in a highly process oriented, engineered approach. The whole source code is divided into multiple subsystems (ex: Memory management) which is maintained by a subsystem maintainers. This maintainer, with a set of reviewers thoroughly review each and every change that is getting into the mainline Kernel thereby making it secure by design. The image given below gives a glimpse of this development process.
- Memory management
Memory access and management plays a key role in security of an OS. There are various memory management models adapted by different Operating Systems. In this blog, let us compare Linux with another operating system – VxWorks.
In OS like VxWorks, ‘flat memory model’ is been followed, where user space and kernel space are not well separated. Here, the system allocates memory in the physical address space. Typical VxWorks doesn’t have virtual memory support (however it can be added / enabled). Since physical memory is directly available for access, security threat prevails in this Operating System, as the malware programs can manipulate the memory and eventually bring down the system.
Whereas in Linux, user space and kernel space are well separated. Here, actual physical address allocated for any process will not be displayed to users. For example, try printing address of parent process and child process created using fork() system call. Address of both parent and child processes will be the same which is the virtual address. This is because, any application can access only the virtual address which is mapped to the physical address. Due to this, no damage can be made to actual physical address space. This way of managing memory makes Linux more secure.
Conclusion
Security is a very fast and evolving topic! Given the fact that Linux is an Open Source and many “eye-balls” are watching it, many of the security issues are taken care by releasing frequent patches. Added go that there are some OS design level aspects like memory management, user / kernel memory space separation, virtual memory, log management, file access control makes it all the more secure when it comes to security.
However, Linux systems are not certainly flawless, no operating system is. Using Linux can reduces the chances of security breach. What makes an Operating System secure is purely based on how the OS is used. Linux in wrong hands may lead to security breach. User’s choice matters the more in making Linux a secure OS, whatever the flavor may be!
