Top safe modification for Linux?
Top safe modification for Linux?
Linux offers strong security options by limiting root access during startup. Many distributions provide methods to prevent privilege escalation at boot. Restricting login to a specific user or requiring a password for root operations can significantly reduce vulnerabilities. Most malware depends on gaining elevated privileges, so disabling sudo and su effectively narrows the attack surface. Some distros even enforce this behavior automatically. If you're concerned about security, exploring these settings is a solid step.
It would be frustrating having to restart just to perform tasks needing root access, and it wouldn’t really boost security. Even quick restarts aren’t enough if I have to halt everything to install or update something. Some system components need higher privileges by design—for example, the security enforcement layer. If those parts are vulnerable, attackers could still gain control even without root access. Privilege escalation isn’t about needing sudo or su; it’s about exploiting software that always runs with elevated rights to do things the regular user shouldn’t be able to do.
Fedora Silverblue somewhat matches your needs, though it operates differently. It employs an immutable file system, making all files except the user’s home directory read-only. You’re limited to installing apps via flatpaks or using Appimages; the setup is very stable and secure. What sets it apart is that root login isn’t possible, which makes tasks needing it nearly impossible—though a workaround exists (I’m not sure what it is anymore). SteamOS 3.0 will implement a similar system, but it includes a developer mode that disables immutability.
Regarding why distros don’t match your vision, it’s mainly about convenience. Even with a quick boot time of just seven seconds, you still have to shut down and restart, losing work each time. Running commands like installing a browser becomes tedious, especially during updates.
Moreover, many distributions already allow disabling sudo or letting you log in as root by default, which helps prevent unauthorized access. This is common in enterprise setups because forcing root access isn’t practical for most users.
Considering this more, it seems risky for security. Users would likely always act as root to prevent restarts, similar to how everyone used admin accounts in Windows XP. Making it harder to run as root when necessary would probably force people to stay root all the time.
Addressing the main worries:
1. Frequent reboots could become frustrating. This isn’t ideal for everyday use, I agree. This setup is meant for a tough terminal running SSH, VPN, Tor and nothing else on an old Chromebook. Ideally, I’d prefer to completely block root access and reinstall the OS whenever a major update is needed. If I can automate the installation process down to just one button press, I could run it weekly with minimal effort—just wait for the install script to finish, then transfer my Keepass database and other critical files via SCP.
2. Running as root increases security risks. As discussed earlier, this isn’t a daily driver system. It’s designed for minimal installation focused on secure web browsing. It will be more restricted and secure than Tails or Whonix.
3. Immutable file systems are worth considering. I’ve heard about them and they seem suitable for my needs. I plan to test Silverblue on my ESXI host later to see how it performs.
4. Worth the effort? Removing sudo and su might add little extra protection unless you have a strong password. Fedora Silverblue or hardened Gentoo would likely offer better security. If you update regularly and use only SSH, FTP and web-console admin tasks, they’re hard to compromise—especially when connected via SSL to your own network, particularly in a LAN setting. Any recommendations?
Edited December 6, 2021 by Dangerous Thinking
I'm not sure which distribution you're using. You mentioned having the ability to boot as root, which isn't common. It seems like you're concerned about security and privacy. The prompt about asking for a password during software installation is standard practice.
I think you can configure the system to run in single-user mode with grub, which would likely start it in root access... however, I’m aware this introduces significant security risks you shouldn’t ignore.
This setup is also how Android functions (I’m pretty sure iOS/iPad OS works similarly, and macOS Catalina remains unchanged too). The core operating system resides on a read-only partition. As someone in the mobile sector (sales representative), I truly appreciate this configuration. The sheer number of reckless actions people take with their devices by installing questionable software amazes me. Having straightforward root access could further damage these gadgets. That’s why I’m not against default bootloader restrictions. My only concern is that manufacturers and carriers should allow unlocking if desired. I believe distros aimed at beginners should consider immutability as a feature. It’s ideal for users who aren’t tech-savvy, as it reduces the risk of mistakes (or issues like the Pop Steam bug wiping out a device).
I completely agree. I’ll stick with my non-immutable distributions because I understand what I’m doing and have Timeshift configured. I’ve broken systems before, so immutability adds extra protection. My main worry was when Valve said SteamOS 3.0 will run on Arch, but once they confirmed it would be immutable, those concerns disappeared. Updates now get tested and released as images, which removes most of the downsides. The only criticism I have is that package management remains inferior to traditional distros since you depend on flatpaks and appimages. There are still many features missing or unavailable in those formats. Still, the issue lies with the flatpak maintainers—if immutable distros like SteamOS 3.0 succeed, more developers will focus on them, improving them significantly.