What does the strict user privilege model give Linux?

Excellent security. The strict Linux user privilege model severely restricts root access. In this model, all privileges belong to the superuser (root), and ordinary users are granted only the permissions needed to perform normal tasks. Because ordinary Linux users have low access rights and need additional permissions to open attachments, access files, or configure kernel parameters, it is much harder to distribute malware on a Linux system than on a system running another OS.

Although it is possible to implement least-privilege administration models on Windows systems, organizations rarely use such security measures, which is why on most Windows systems “everyone is an administrator”. As a result, malware and viruses spread much more easily on Windows-based systems than on Linux-based systems.

Security through Diversity

Linux users have access to many distributions that differ from each other in architecture and system components. The high level of diversity possible in the Linux environment not only helps to meet the different needs of users, but also makes Linux a less attractive target for attackers, since the diversity of distributions makes it difficult to effectively develop exploits.

Although Linux in general is considered a secure OS, there are also various specialized distributions designed for people with high security and privacy requirements, such as pentesters, reverse engineers and information security specialists. In these distributions, special attention is paid to protecting the privacy and anonymity of the user on the Internet.

Linux Kernel Security

The Linux kernel offers several excellent built-in protections:

UEFI Secure Boot, the firmware-level verification mechanism that ensures only signed boot components are loaded;

Linux Kernel Lockdown is a configuration option that prevents even the superuser from modifying the running kernel. If the superuser account is compromised, Kernel Lockdown makes it much more difficult for an attacker to compromise the rest of the OS. Lockdown has two modes: integrity mode and confidentiality mode (the kernel's term; sometimes translated as privacy mode). Enabling lockdown in integrity mode blocks the kernel features that would let user space change the running kernel in any way. Enabling lockdown in confidentiality mode additionally blocks the ability to extract confidential information from the running kernel.

SELinux and AppArmor are two Linux kernel security modules that can be used to lock down Linux systems through the Mandatory Access Control (MAC) subsystem. These modules give administrators full control over the security of their systems and protect against server misconfiguration, software vulnerabilities and zero-day exploits.

Smack (Simplified Mandatory Access Control Kernel) provides another way to implement MAC on Linux. This simple Linux kernel security module protects data and processes from intruders using a set of user-defined mandatory access control rules.
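As an added example (not from the article), the following POSIX shell script checks on a running host which of the protections listed in this section are active: Kernel Lockdown mode, UEFI Secure Boot state, and whether SELinux or AppArmor is loaded. The sysfs/securityfs paths and file formats it relies on are assumptions taken from upstream kernel documentation, not from the article.

```shell
#!/bin/sh
# Added example (not from the article): report which of the kernel
# protections above are active. Each parser reads stdin so it can be
# checked on constructed data; the paths below are assumptions.

# /sys/kernel/security/lockdown reads e.g. "none [integrity] confidentiality";
# the active mode is the one in brackets.
parse_lockdown() {
    sed -n 's/.*\[\([a-z]*\)\].*/\1/p'
}

# The SecureBoot efivar is 4 attribute bytes followed by 1 data byte
# (1 = Secure Boot enforced by the firmware).
parse_secureboot() {
    [ "$(od -An -tu1 -j4 -N1 | tr -d ' ')" = 1 ] && echo enabled || echo disabled
}

# /sys/fs/selinux/enforce holds 1 (enforcing) or 0 (permissive).
parse_selinux() {
    case "$(tr -d '[:space:]')" in
        1) echo enforcing ;;
        0) echo permissive ;;
        *) echo unknown ;;
    esac
}

# /sys/module/apparmor/parameters/enabled holds Y or N.
parse_apparmor() {
    [ "$(tr -d '[:space:]')" = Y ] && echo enabled || echo disabled
}

# One line per control; an unreadable file usually means the feature is
# compiled out, not loaded, or the caller lacks permission to read it.
report() {
    if [ -r "$2" ]; then
        printf '%-11s %s\n' "$1" "$("$3" < "$2")"
    else
        printf '%-11s unavailable (%s not readable)\n' "$1" "$2"
    fi
}

audit_host() {
    report lockdown   /sys/kernel/security/lockdown parse_lockdown
    report secureboot /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c parse_secureboot
    report selinux    /sys/fs/selinux/enforce parse_selinux
    report apparmor   /sys/module/apparmor/parameters/enabled parse_apparmor
}

audit_host
```

Reading securityfs and efivars may require root, so run the script with sufficient privileges to avoid false "unavailable" results.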