All Linux binaries are compiled with PIE nowadays. You can run `checksec` on any binaries on Ubuntu, and it will have those properties.
(You can install checksec with `pip install pwntools`).
On the other hand, GLIBC has, to my knowledge, the most hardened heap implementation out there. And there are more mitigations for double-free and other heap exploits on GLIBC.
So in that regard, Alpine is less secure by using musl. Having a small, understandable system is a real advantage when it comes to security.
It was pretty clear to me that the comment was a description of the respective characteristics of glibc and musl in terms of security, while avoiding any conclusion: glibc has heap hardening, which is good for security, but a complex codebase, which is bad for security. Meanwhile, musl is small and understandable, which is good for security, but with a naive codebase that lacks hardening, which is bad for security. Which is better is intentionally left to the reader to avoid flamewars.
That's a charitable reading but it doesn't track with what they actually said. The first paragraph says that all modern Linux binaries are compiled with PIE, so Alpine has no advantage there. The second paragraph says that glibc is more secure than musl heap-wise. The third paragraph is the conclusion, which is that Alpine is less secure because it uses musl.
A sentence thrown on to the end of the conclusion should normally be read as reemphasizing the reasons for the conclusion unless it starts with a word like "though" or "however".
If you're smart enough to construct this analysis and critique, then you're smart enough to have reached the same conclusion the parent and I did.
I'm not charitable, it's just what made sense, like mentally fixing a typo instead of acting like you don't know, and can't figure out from context what someone meant just because they flubbed a letter or a word or something.
When a letter gets flubbed, it's nearly always possible to correct it from context alone. When a word is missing, it's sometimes possible to retrieve the original meaning but other times the missing word creates an ambiguity and you have to just pick a meaning. Faced with the ambiguity, your brain jumped in one direction, mine in another. You landed on the correct answer, I didn't, but there's no need to imply that my reconstruction was done in bad faith.
> I'm not charitable, it's just what made sense, like mentally fixing a typo instead of acting like you don't know, and can't figure out from context what someone meant just because they flubbed a letter or a word or something.
I mean, that's just what's called in Philosophy the principle of charity [0]. When evaluating a claim you should read it in its best light, which include glossing over minor inaccuracies and going straight to the main point.
So in that regard, Alpine is less secure by using musl. However, having a small and understandable system is a real advantage when it comes to security.
A line break in between the two sentences of the last paragraph may have made the commenter’s point clearer.
It seems to be they were only comparing the relatives benefits/drawbacks of glibc and musl, but with the way it is written the pro-musl comment feels out of place.
I run checksec on everything all the time and on all my Alpine nodes all the processes come back like this not pasting the full output for brevity... I have never see anything built by Alpine missing these flags.
COMMAND PID RELRO STACK CANARY NX/PaX PIE
init 1 Full RELRO Canary found NX enabled PIE enabled
[snip...]
crond 422838 Full RELRO Canary found NX enabled PIE enabled
> On the other hand, GLIBC has, to my knowledge, the most hardened heap implementation out there. And there are more mitigations for double-free and other heap exploits on GLIBC.
Re: Linux security, if someone can run any code at all on your system, you're screwed. Linux is swiss cheese. The only reason it isn't just as overrun with malware as Windows is nobody uses Linux for a desktop, so malware authors don't really try. (honestly I'd say modern Windows and MacOS both have a superior security architecture)
Linux distributions just have a different security model, based on trust. Maintainers form with developers a chain of trust from the repo to your machine.
Windows and MacOS on the other hand have an untrusted security model, everything is assumed to be potentially dangerous.
You're really not adding good content here. This is crap, that gets owned all the time... Why? What's the actual comparison? What model/approach makes the difference?
Please add something meaningful. Otherwise it's just ranting/fanboying over your preferences - we can be better than that on this board.
We really can't. Even if I reply with reasons, they will just be argued, ignored or downvoted by people who don't know what they're talking about. People only believe what they want to believe, or whatever a famous person says. (not to mention none of the people replying to me are providing any contrary evidence, just more spurious claims, but those with unpopular opinions get the downvotes)
Have you actually looked at the 0days? Almost always it's confined within the sandbox. You have to chain it with an sandbox breakout exploit to make it useful.
> ChromeOS, one of the more secure operating system s (behind QubesOS, on par with Android and iOS)
I don't know what features ChromeOS has over Linux but I wouldn't considered Android or iOS particularly secure, and Qubes isn't either directly, it's just a tool that can help in some cases.
All Linux binaries are compiled with PIE nowadays. You can run `checksec` on any binaries on Ubuntu, and it will have those properties. (You can install checksec with `pip install pwntools`).
On the other hand, GLIBC has, to my knowledge, the most hardened heap implementation out there. And there are more mitigations for double-free and other heap exploits on GLIBC.
So in that regard, Alpine is less secure by using musl. Having a small, understandable system is a real advantage when it comes to security.