azha@lemm.ee to linuxmemes@lemmy.worldEnglish · 1 month agoWe dont need onelemm.eeexternal-linkmessage-square95fedilinkarrow-up1701arrow-down159
arrow-up1642arrow-down1external-linkWe dont need onelemm.eeazha@lemm.ee to linuxmemes@lemmy.worldEnglish · 1 month agomessage-square95fedilink
minus-square🦄🦄🦄@feddit.orglinkfedilinkarrow-up4·1 month agoI was just wondering, would immutable distros be even less affected than Unix systems in general?
minus-squareGreenKnight23@lemmy.worldlinkfedilinkarrow-up4·1 month agodepends. is your bios writable? do programs stay written to memory after cycle?
minus-squareJoYo@lemmy.mllinkfedilinkEnglisharrow-up1·1 month agois that the goal with immutable distros? i thought they were primarily used for rollbacks.
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up2arrow-down1·1 month agoThere is no security benefit with immutable Linux
minus-square🦄🦄🦄@feddit.orglinkfedilinkarrow-up1·1 month agoCan you elaborate? Wouldn’t malware need to install something which would not happen on an immutable?
minus-squareEnsignWashout@startrek.websitelinkfedilinkarrow-up3·1 month agoImmutable distros can usually be set to mutable with the correct privileged command. It’s essentially security by obscurity. But I disagree with “no benefit”. An infection miss through dumb luck is still a miss, after all.
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up1·1 month agoIf malware has root access it can do whatever it wants Things like SElinux and sandboxing is what secures systems.
I was just wondering, would immutable distros be even less affected than Unix systems in general?
depends.
is your bios writable?
do programs stay written to memory after cycle?
is that the goal with immutable distros? i thought they were primarily used for rollbacks.
There is no security benefit with immutable Linux
Can you elaborate? Wouldn’t malware need to install something which would not happen on an immutable?
Immutable distros can usually be set to mutable with the correct privileged command.
It’s essentially security by obscurity. But I disagree with “no benefit”. An infection miss through dumb luck is still a miss, after all.
If malware has root access it can do whatever it wants
Things like SElinux and sandboxing is what secures systems.