this post was submitted on 23 Jun 2025
81 points (96.6% liked)
Linux
55741 readers
913 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I haven’t heard of any such cases, but it is a smaller pool of users. Also, many desktop Linux users know more about using a computer than other operating system users, since it’s less common for Linux to come preinstalled. So that may affect it, too.
I imagine vulnerabilities with the Linux kernel or common utilities do apply to desktop users as well, which is a good reminder why staying up-to-date is important. But to my understanding, exploiting remotely would need a way of sending data to the target. And most desktop computers won’t have ports open to the internet for anyone like servers will.
I know that Wayland’s design does make it more difficult for a user-mode program to act maliciously, like as key-loggers or reading the clipboard.
~~There, I fixed it for you.~~
This is about desktop Linux, so I was wrong to correct you. My bad.
All good! You're still totally right; outside of the context, Linux has quite the user base with servers, embedded devices, and even phones, if we count Android. I think that’s relevant because it means we can’t rely on “security by obscurity”.
Sorry, can you tell me more about this?
Sorry for the late reply. Also @Cricket’s response is great and actually references a source!
Anecdotally though, as a user, I’ve noticed that some things require extra permissions. Usually there’s a prompt from the operating system that’ll ask for permission capture the desktop, which lets me specify which window or monitor to share. It uses the “XDG Desktop Portal”, which was already what allowed Flatpaks to securely access OS resources, and it has a whole bunch of different requests for resources and permissions. It’s similar to a web browser, where it’ll prompt you for privileges when an app wants them.
The hardest pain point for me has been that an app cannot detect keyboard input if it isn’t focused. This could prevent key loggers, but it also makes global shortcuts not work. There is a protocol that allows an app to request a key be forwarded to it, but it’s not widely implemented in apps (discord, for example) and I’ve had to rely on workarounds.
I found this: https://www.linuxmo.com/wayland-vs-x11-the-battle-of-display-protocols/#penci-Security_and_Isolation