While Linux security has always been a hot-button issue, a series of comments has recently reignited the war over whether or not the popular open-source kernel can ever be considered truly secure. Proponents of other operating system architectures, including that of OpenBSD, have pointed out that GNU/Linux as an operating system consists of what’s essentially millions of lines of code. This amount of code can’t be audited by humans.
A few prominent Linux security experts have long argued that Linux is as a whole secure by obscurity, since the operating system simply doesn’t command as much of the market as other platforms. While this might still be true insofar as desktop usage goes, a recent W3Techs survey showed over 60 percent of all sites online using Linux to power their servers as of June 7. The same survey showed less than 1 percent using some form of BSD, which would suggest that obscurity could be achieved on servers by using a BSD variant.
Moreover, this doesn’t include routers and other embedded systems that run miniature Linux distros, or Android devices running a modified version of the Linux kernel. This, combined with the fact that Linux truly does have an unbelievable amount of code, starts to bring into question just how secure it is, and helps to illustrate how safe operating systems like OpenBSD are.
Some members of the GNU/Linux community have been quick to point out that OpenBSD and the other *BSD operating systems don’t offer as many features or support as wide a range of hardware as their preferred operating system does. Nevertheless, every additional level of support brings with it the possibility of additional vulnerabilities.
OpenBSD isn’t locked per se, but this method of development does make it possible to prevent many types of vulnerabilities on top of the basic security protections that all Unix-like operating system environments enjoy.
In spite of this piece of recent news, it does appear that most GNU/Linux implementations are still more secure than many commercial application platforms. This should come as a welcome revelation to the many server administrators using it.