As we close 2021, we at DevOps.com wanted to highlight the most popular posts of the year. This is the third in our Best of 2021 series.
Linux sometimes raises security concerns. While many users consider it the most secure, robust and versatile operating system available – this is also the opinion of this writer – security precautions should always be taken.
A recent, widely publicized case illustrated this point; The creator of Linux himself, Linus Torvalds, has cautioned against using Linux version 5.12. He described a “nasty bug” and wrote that the situation is a “mess”, due to the use of paging files when adding Linux updates. This nasty bug, in fact, had the potential to destroy entire root directories.
Here are some of the main things to remember after this “mess”: Be very careful when installing early versions of Linux, especially those that involve swapping files instead of partitions, and most importantly, despite the benefits. well-known Linux security, avoid becoming complacent, because Linux security is not always foolproof.
Therefore, while “the state of Linux security today is quite good and has evolved positively with more visibility and built-in security features, like many operating systems, you need to install it, configure and manage it with security in mind; this is how cybercriminals take advantage, [via] the human touch, ”said Joseph Carson, chief security scientist and CISO advisory at Thycotic, a provider of privileged access management (PAM) solutions.
A patch for wickedness
Like Torvalds rated a few weeks ago, “most people don’t use a swap file, but a separate swap partition and the bug in question really only happens when you have a normal file system and put a file as an interchange. “
“The bad news is that the reason we support paging files in the first place is that they end up having advantages in terms of flexibility, and so some people use them for that reason. If so, do not use [release candidate] RC1, ”Torvalds wrote. “So renaming the tag.”
After issuing the warning, Torvalds released a patch that they believe prevents the bug from destroying paging file systems. However, it might already be too late for early adopters of version 5.12. Ubuntu, one of the main Linux distributions, can exchange files by default.
“It’s a nasty bug if you’re still using paging files,” Carson said. “If you are still using paging files, you could be affected, which could lead to potential data loss or a corrupted system. “
DevOps teams – or anyone else running Linux and installing patches, whether on multiple servers or on individual workstations – should always, of course, follow strict best practices. “Like any operating system, security is completely dependent on how you use, configure, or manage the operating system,” Carson said. “Every new Linux update tries to improve security; However, to get the value, you need to enable and configure it correctly. “
The fact that Torvalds has been so open about the bug, along with the level of transparency offered by the Linux kernel, also demonstrates one of the many reasons Linux remains popular. Since the Linux kernel, in one variety or another, is used “not only in about 50% of the world’s internet servers, but a substantial portion of all of our smartphones as well, it is good to see this level of transparency at “At the root level,” said Dirk Schrader, global vice president of security research at New Net Technologies (NNT), which provides cybersecurity and compliance software.
“Linux security relies on its transparency; the ability to review the code of a distribution, ”explains Schrader. “We often forget that transparency also means talking about errors, mistakes, these nasty bugs. “
Citing National Institute of Standards and Technology (NIST) vulnerability database statisticsSchrader described how, compared to the Windows family of desktop and server operating systems, for example, the Linux kernel performs better for overall vulnerabilities. The number of vulnerabilities has also declined over the past four years, while Microsoft’s operating systems do not show the same trend, according to the NIST National Vulnerability Database.
Since Linux’s famous kernel is open source and transparent, it is possible to extrapolate that there are a greater number of potential vulnerability watchdogs compared to those that monitor vulnerabilities in closed systems. Some would say that Microsoft has sometimes been less successful in detecting vulnerabilities and the publication of necessary fixes.
However, Linux users should always remain vigilant.
“However, for all Linux distributions, anyone using the early candidate versions – RC1 in particular – should ensure that their own development or build process is subject to change control, so that no incident transfers the nasty bug in a production environment, “Schrader said.