While developed and supported with the best of intentions, Linux is still based on a wide range of different applications and systems working together. From the free software perspective this is its power; many people working together to produce a top quality operating system.
From a security stand point it can also be a curse. Although with full access to the source code you know exactly what different components are doing, the disparate nature of the applications can mean that securing all of the applications and services in Linux is significantly more difficult. For example, securing a web server may involve configuring Apache, transport layer security tools and OpenLDAP. Knowing how to correctly configure each of these units for security, rather than straightforward operation, can be difficult at worst and time consuming at best...
This review was originally published in Issue 7 of FSM. Please click here to read the full review.