Linux is ubiquitous, and why that’s not always a good thing

As someone who has been using and working with Unix and Unix-like operating systems since the early 1980s, I am growing increasingly frustrated with Linux.

Linux has become the de facto industry standard server platform for all things web. Certainly for any open source project. The problem is that everyone who develops on the Linux platform seems to assume that, because it’s ‘almost good enough’ with respect to security, developing with Linux assumptions is good enough for everyone.

But that’s not true. It’s not that Linux is insecure, but rather that many of the choices made in creating the popular Linux distros entail less security than can be achieved. And there’s the problem. Try to install a ‘produced on Linux’ product on a more secure operating system, or an operating system with higher security settings, and the install will fail.

Examples include WordPress, Moodle, and Elgg: the latest versions of all three fail to install on a stock OpenBSD (ultra secure) OS. The problem is with permissions, ownership and groups. In order to install one of the above packages on OpenBSD, one is forced to change groups and file permissions from secure settings to much less secure settings before the install will succeed.

It’s all very frustrating: taking an ultra-secure operating system and intentionally crippling some of its security just to get popular Linux-developed packages to install and run.

It’s not that Linux itself is necessarily at fault, but rather the typical developer mentality of “it worked on my machine, so the problem is you”. This trend seems to pervade much modern software development. And that is not a good thing.
