Wednesday, November 13, 2013

Sandbox? What Sandbox? -- Fedora Has You Covered

by Dietrich Schmitz

It's not something the average user thinks about -- security.  But as with most Linux Distributions (Distro) Fedora, a Red Hat community-based Distro, has some things going for it that are not apparent.

The single biggest asset going for Fedora is security.  You see, just about everything you do while on Fedora is under what's called 'Mandatory Access Control'.  That's security-speak for basically having everything you do 'watched' by a third-party 'Linux Security Module', (LSM) including even actions taken by the system kernel.  That may not mean much to you but to system administrators and security experts alike, it is 'peace of mind'.

Simply put, bad things won't happen on Fedora's watch.

No, unlike Microsoft Windows, this 'third-party' is always cross-checking what your PC is doing and if anything isn't in your SELinux 'policy' say trying to gain administrative privilege to control your system without your expressed permission, SELinux steps in and kills the process.

That's the way security should be.  And you can rest assured your PC won't be hit by silent 'drive-by' javascript DLL injection attack as is still prevelant with Microsoft Windows legacy x86; even Windows 8.1 uses the legacy WinNT 2000 kernel.  That's ancient by today's standards and it is fraught with security issues like the one described above.

I've written about how Google's Engineers have posted a general 'disclaimer' on their website for Chrome that effectively says:  
"W'eve tried our best to sandbox Chrome on Windows, but we can't guarantee you won't get infected.  Sorry."  (shrugs)

So, if you've been bitten one too many times by a virus from out of nowhere on Windows, maybe now is a good time for you to make a switch for the better.

Get smart.  Get Fedora Linux with LSM SELinux found here:
Fedora has you covered.  Be safe. -- Dietrich
Enhanced by Zemanta


Post a Comment