Linux – When does the Puppy linux security model make sense

puppy-linuxSecurity

I have just spent a few hours playing with Puppy linux, which has some very nice features, but there are some things about its approach to security (at least the default settings) that worry me:

  1. It seems that the intended way to use it is to run everything as root
  2. There is no password for root (by default– of course I could add one)
  3. There is no automated (or even a simple non-automated) way of getting security updates for packages, as far as I can tell. (I might have missed something.)

I have always had drummed into my head the importance of having a complex password, of not browsing the internet as an admin/root user, and of keeping system software (and browser, and plugins) up to date with patches for the latest vulnerabilities. However, despite what looks to me like a recipe for disaster (outlined above), Puppy is popular enough to have a lot of spin-offs, so there must be scenarios in which the apparent lack of security is a non-issue. What are they?

Best Answer

Puppy is a toy distro, for hobbyists. That is the only scenario where the Puppy (lack of) security model makes sense.

Agencies which study information security publish mitigation strategies based on the statistics of intrusions they see. Here is the Australian government's list:

http://dsd.gov.au/infosec/top-mitigations/top35mitigationstrategies-list.htm

They estimate that following the top 4 strategies would stop 85% of intrusions. These are:

  1. Patch applications e.g. PDF viewer, Flash Player, Microsoft Office and Java. Patch or mitigate within two days for high risk vulnerabilities. Use the latest version of applications.

  2. Patch operating system vulnerabilities. Patch or mitigate within two days for high risk vulnerabilities. Use the latest operating system version.

  3. Minimise the number of users with domain or local administrative privileges. Such users should use a separate unprivileged account for email and web browsing.

  4. Application whitelisting to help prevent malicious software and other unapproved programs from running e.g. by using Microsoft Software Restriction Policies or AppLocker.

Puppy fails on all of these counts. Serious distros such as Fedora, OpenSUSE, Debian etc. are far more secure. These distros all have active security mailing lists which provide timely security patches, offer Application whitelisting via AppArmor and/or SELinux and of course, don't run everything as root (honestly, wtf?).

If you value your security, don't use Puppy for anything serious.

Related Question