Linux is not a secure desktop operating system. However, there are steps you can take to harden it, reduce its attack surface, and improve its privacy.
Before we start…
Some of the sections will include mentions of unofficial builds of packages like linux‑hardened, akmod, hardened_malloc, and so on. These are not endorsements — they are merely to show that you have options to easily obtain and update these packages. Using unofficial builds of packages means adding more parties to trust, and you have to evaluate whether it is worth doing so for the potential privacy/security benefits or not.
I’m pretty excited to see this. A long time ago I had a macOS hardening guide, and it had lots of great ideas too.
I would personally stay away from installing anything (for security purposes, at least) that wasn’t part of your official distribution. I think there’s more safety to be had staying with high visibility, high use packages.
Yeah, Theses advices are really great to learn or consolide knowledge. The main orientation of this post is for servers I think and some powersUsers ?
An desktop on an PC is less critial if we stay with main sources and packages of an distribution. I speak in “generally” ofc.
I did not know this despite using Fedora as my main OS on my desktop. Thank you so much for sharing!
U have already a lot to do with apparmor I guess :D Its already something XD