I’m so sorry …
Linus Torvalds wrote the Linux kernel for cheap PC machines to have a UNIX-like clone for people who owns a PC, but any bigger class computers.
I would say not meant for a mainframe – that era’s ( last century ninety’s ) most complex and expensive computer class … so that was finally was ported to there as well was a progressive success that lifted the Linux distros to almost everywhere !..
Look at that Risc-V platform as well … the running OS on it also some Linux distros …
[OFF topic - Begin ]
It makes no sense to hateany OSes – it is the same as always : don’t use it !.. if you are not satisfied with it basically or after using for a while, but anymore.
You can spare unneeded sorrow feelings if you leave such stressful stuff easily without hesitation and long lasting negative emotions …
They were spreading via sneaker net and unless you didn’t use Word (we didn’t) the chance of a virus was drastically reduce. But we did have things in place (AV software when it did come out) to reduce the chance of viruses.
I was wrong the way I said it. If you use non-Microsoft software, especially if you use something where not a lot of people use it, and you can control where the files live and what files are allowed to be added to your system then the chances of getting a virus are/were drastically reduced.
The organization that I USED to work for let me pick what OS and what programs we used as long as they were compatible with the file types of things that people sent us. We stripped out macros from files and unless that macro was required they didn’t get the macro. And if they really need the macro I put the file on a “spared” computer which I took off the network and analyzed the macro to see what it did and if it was safe to run. Then I let them have it.
It didn’t take much of my time so it was never a problem. But you are correct, there were viruses but we escaped them unscathed.
The way Haiku probably needs to go on security is to be more like recent versions of macOS and have the OS control access to certain directories/folders, prompting the user when software wants access to one of their directories. Similarly for network access. The nice and generic way to do this is with something called capabilities, which is actually a pretty old idea but it has had more of a resurgence in the last decade or so.
Capabilities could probably be added to the necessary syscalls that the kernel would enforce with maybe a userland server (registrar probably) caching capability choices per application.
Add a simple and secure login system for a single user plus disk encryption and I think things would be pretty secure (beyond of course bugs that could be exploited.)
Having multiple users would be lower priority in my opinion.
@wotef and @Akakor as mentioned a few posts up disk encryption already exists in the DriveEncryption tools and driver developed by @axeld. I believe it is already a working solution but am not sure what is blocking inclusion into Haiku.
I guess it’s mostly a matter of time, or rather, the lack of it. There also might be issues with the license of some of the encryption algorithms; DriveEncryption has to use the TrueCrypt license. I’m not sure, if that has been discussed yet.
I improved the situation a bit in recent months, at least it should now work fine in 64 bit as well, and compile with GCC 11, and I’ve also separated the encryption code better from the driver code.
Something that could be useful is that HaikuDepot behave differently as user or superuser. Not forcibly different installation paths (even if they already exists), but in user mode the updater wouldn’t ask questions and instead automatically chose the conservative option (the one that don’t uninstall more packages than those supposed to be updated).
