Best of 2021 – Torvalds’ Bug Warning is a Lesson for Linux Users 

As we head into 2021, we at DevOps.com wanted to highlight the most popular articles of the year. Here is the third in our Best of 2021 series.

Linux, at times, raises security concerns. While many users see it as the most secure, powerful and versatile operating system available – this is the opinion of this writer as well – security precautions still need to be taken.

A recent, well-publicized case made this point clear: the creator of Linux himself, Linus Torvalds, cautioned against using Linux version 5.12. Describing a “bad bug,” he wrote that the situation was “a mess,” due to the use of swap files when adding Linux updates. This sinister bug, in fact, had the potential to destroy entire root directories.

Some of the key points following this “mess” include: be very careful when installing early Linux versions, especially those that involve swap files instead of swap partitions; and, despite Linux’s known security advantages, avoid getting complacent, because Linux security is not always foolproof.

Hence, “the state of Linux security today is very good, and has evolved in a positive way with more visibility and security features being built. Like many operating systems, you should install, configure and manage them with security in mind; this is how criminals take advantage of Internet, [via] ‘The Human Touch,’” said Joseph Carson, chief security scientist and CISO consultant at Thycotic, a company that provides privileged access management (PAM) solutions.

Ugliness Patch

As Torvalds noted a few weeks ago, “Most people don’t use the swap file, but the separate swap partition and the error in question only happens when you have a normal file system, and you put a file as a swap.”

“The bad news is that the reason we support swap files in the first place is because they have some flexibility, so some people use them for that reason. If that’s the case, don’t use [release candidate] RC1,” Torvalds wrote. “So, rename the tag.”

After issuing the warning, Torvalds released a patch that he says prevents the bug from destroying swap file systems. However, it may already be too late for the early adopters of 5.12. Ubuntu, one of the leading Linux distros, uses swap files by default.

“It’s a bad mistake if you’re still using swap files,” Carson said. “If you are still using swap files, they may be affected, resulting in possible data loss or system corruption.”
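The condition Torvalds describes (a swap file on a regular file system, on the RC1 kernel) can be checked from `/proc/swaps` and the kernel release string. The script below is an added example, not code from the article or from the kernel project; the function names are hypothetical, the sample input is constructed, and it assumes the kernel release string follows mainline naming (`5.12.0-rc1`).

```shell
#!/bin/sh
# Added example, not from the article. Sample data below is constructed.

# Print the path of each active swap area whose Type column is "file".
# Input: /proc/swaps-formatted text on stdin. Spaces in paths are written
# as \040 there, so whitespace field splitting is safe.
list_swap_files() {
    awk 'NR > 1 && $2 == "file" { print $1 }'
}

# Succeed if the kernel release string names a 5.12 rc1 build.
# Assumption: mainline naming such as "5.12.0-rc1" or "5.12.0-rc1+".
is_5_12_rc1() {
    case "$1" in
        5.12.0-rc1|5.12.0-rc1[!0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# $1 = kernel release, stdin = /proc/swaps content.
# Returns 0 only when a swap file is active on a 5.12 rc1 kernel.
check_exposure() {
    release="$1"
    files="$(list_swap_files)"
    if [ -z "$files" ]; then
        echo "OK: no swap file active (swap partition only, or no swap)"
        return 1
    fi
    status="NOTE"
    is_5_12_rc1 "$release" && status="EXPOSED"
    printf '%s\n' "$files" | while IFS= read -r f; do
        echo "$status: kernel $release, swap file $f"
    done
    [ "$status" = "EXPOSED" ]
}

# Constructed sample in /proc/swaps layout: one swap file, one partition.
SAMPLE_SWAPS='Filename      Type       Size     Used  Priority
/swapfile     file       2097148  0     -2
/dev/sda2     partition  8388604  0     -3'

# Demo on the sample; on a real host use:
#   check_exposure "$(uname -r)" < /proc/swaps
printf '%s\n' "$SAMPLE_SWAPS" | check_exposure "5.12.0-rc1" || true
```
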

DevOps teams — or anyone else running Linux and installing patches, whether on multiple servers or on individual workstations — still need, of course, to follow strict best practices. “Like any operating system, security depends entirely on how you use, configure or manage the operating system,” Carson said. “Every new Linux update attempts to improve security; however, to get the value, it must be enabled and configured properly.”

Linux Quality

The fact that Torvalds was so outspoken about the bug, in addition to the level of transparency that the Linux kernel provides, also illustrates one of the many reasons why Linux remains popular. Given that the Linux kernel, in one variety or another, is used “not only in about 50% of the world’s internet servers, but also in a large part of all our smartphones, it’s good to see this level of transparency,” said Schrader of Global Security Research at New Net Technologies (NNT), a provider of compliance and “root level” cybersecurity programs.

“Linux’s security depends on its transparency. The ability to review the distribution code,” Schrader says. “It is often forgotten that transparency also includes talking about mistakes, mistakes, those hateful mistakes.”

Citing statistics from the National Institute of Standards and Technology (NIST) Vulnerability Database, Schrader described how the Linux kernel, compared to the Windows family of desktop and server operating systems, shows better scores for overall vulnerabilities. The number of security vulnerabilities has also decreased over the past four years, while Microsoft’s operating systems are not showing the same trend, according to NIST’s National Vulnerability Database.

Since the popular Linux kernel is open source and transparent, it is reasonable to infer that more people are watching it for potential vulnerabilities than are monitoring closed systems. Some would argue that Microsoft has, at times, been less successful in discovering vulnerabilities and releasing much-needed patches.

However, Linux users should still be careful.

“However, for any Linux distribution, anyone using initial release candidates — in particular RC1 — must ensure that their development or build process is change-controlled, so that no mishaps lead to the bad bug being transmitted to the production environment,” Schrader said.
