{{Header}}
{{Title|title=Practical Security}}
{{#seo:
|description=This page explains some of the practical security protections built into {{project_name_short}}. The focus of this page is on simple, everyday explanations rather than deep technical detail.
}}
{{maintainability_mininav}}
{{intro|
This page explains some of the practical security protections built into {{project_name_short}}. The focus of this page is on simple, everyday explanations rather than deep technical detail.
}}

= Target Audience =
{{mbox
| image = [[File:Ambox_notice.png|40px|alt=notice]]
| text = '''Laymen (non-technical users) versus technical users...'''

* '''A) Laymen (non-technical users):''' This page is for you. It explains {{project_name_short}} in simple, practical, everyday terms.
* '''B) Technical users:''' If you prefer a detailed, technical, no-fluff comparison, see [[Comparison_with_Others|Security Operating System Comparison: Kicksecure vs Debian]].
}}

= SUID and User Separation: Containing the Threat =
Think of your Linux system as a big building with many rooms. Each room has a different purpose: one might store your website, another might keep your database, and another might handle the locks and keys. If every room used the same master key, then a burglar who breaks into one room would instantly have access to the entire building. That is why Linux uses different "keys" (user accounts) to lock each room separately.

This is called user separation. It means that different services run under their own special accounts instead of all sharing the powerful master key (the root account). Running everything as root defeats the entire point of having locks at all.

For example, nginx (a popular web server) is set up on Debian (which {{project_name_short}} is based on) to run under its own dedicated Linux user account named nginx. The same goes for databases like mysql, which also get their own account. Almost all Linux distributions follow this practice.
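To make the "locked rooms" idea concrete, here is an added shell example (not part of this wiki page or of the {{project_name_short}} project). It does two things a system administrator can try: it lists the programs below a directory that carry the setuid bit (programs that hand out the owner's privileges, usually root's, to whoever runs them, so the fewer there are, the better), and it writes a systemd drop-in file that tells a service such as nginx to ignore such programs entirely (<code>NoNewPrivileges=yes</code>), along with a few other standard systemd sandboxing options. The directory paths and the drop-in file name are placeholders chosen for the example.

```shell
#!/bin/sh
# Added example, not code from the wiki page or from Kicksecure.
# Assumes a POSIX shell with find(1); the paths used are placeholders.

# List the "spare keys": regular files with the setuid bit below a directory.
# Each one is a program that can hand out extra privileges when run.
list_suid() {
    # $1 = directory to audit (on a real system, for example /usr)
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# Count the spare keys; hardening aims to make this number shrink.
count_suid() {
    list_suid "$1" | wc -l | tr -d ' '
}

# Write a systemd drop-in that adds "bars on the windows" to one service.
# With NoNewPrivileges=yes, a compromised service that runs a setuid
# program gains nothing from it: the setuid bit is simply ignored.
write_hardening_dropin() {
    # $1 = drop-in directory (on a real system: /etc/systemd/system/UNIT.service.d)
    mkdir -p "$1"
    cat > "$1/hardening.conf" <<'EOF'
[Service]
# Ignore the setuid bit of any program this service executes
NoNewPrivileges=yes
# Make /usr, /boot, /efi and /etc read-only for this service
ProtectSystem=strict
# Hide all users' home directories from this service
ProtectHome=yes
# Give the service its own private /tmp
PrivateTmp=yes
EOF
    # Return the path of the file that was written
    printf '%s\n' "$1/hardening.conf"
}

# Example usage on a real system (run as root):
#   list_suid /usr
#   write_hardening_dropin /etc/systemd/system/nginx.service.d
#   systemctl daemon-reload && systemctl restart nginx
```

After adding the drop-in, <code>systemd-analyze security nginx.service</code> (a real systemd command) shows how exposed the service still is. A service that genuinely needs a setuid helper will stop working with <code>NoNewPrivileges=yes</code>, so test the service after restarting it.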
Now, imagine that the web server is hacked. If it is running under the nginx account, then any malware is stuck inside that "room" with only the permissions of the nginx user. It can cause damage there, but it does not automatically get the master key to the whole system.

Linux provides even more locks and barriers. Features like systemd security options or AppArmor can be thought of as adding bars on the windows and alarms on the doors, further limiting what malware is allowed to do.

Of course, attackers do not like being stuck. A common trick they use to escape their "room" is abusing [[SUID_Disabler_and_Permission_Hardener#Introduction|SUID programs]]: these are special programs that can temporarily grant extra privileges, like a hidden spare key. That is how [[SUID Disabler and Permission Hardener]] helps to improve system security. It reduces the number of spare keys lying around and makes it harder for malware to break free from its limited account.

The main idea is simple: by containing each program inside its own user account, you protect not just the database or the web server, but also the most important room in the building: the administrative ("root") account. See also [[Root#Rationale_for_Protecting_the_Root_Account|Rationale for Protecting the Root Account]].

Note: nginx and mysql are just examples. The same rules apply to any program that runs under its own account.

Glossary:

* '''Root account:''' The master key to your system. Whoever controls this account can do almost anything: install software, change files, or even delete everything. If malware gets root, the entire system is lost.
* '''User account:''' A separate identity under which programs or people run. Each account has its own key and its own limits. This way, if one is broken into, the others remain safe.
* '''User separation:''' The practice of giving each service (like a web server or database) its own account. It is like putting them in different locked rooms so that a break-in does not spread everywhere.
* '''SUID program:''' A special kind of program that can hand out extra privileges when run. These are useful but dangerous, because attackers can use them as spare keys to escape their locked room.
* '''systemd security features:''' Extra security options built into Linux that restrict what services can do, such as preventing them from accessing certain files or features such as the network. systemd makes this functionality easy for developers to use.
* '''AppArmor:''' A security tool in Linux that enforces strict rules about what each program can access, like a guard making sure nobody sneaks into the wrong room.

= More Security Features =
{{project_name_short}} includes many more security protections beyond what is explained here. For a detailed comparison, see [[Comparison_with_Others|Security Operating System Comparison: Kicksecure vs Debian]].

Additional features will be explained on this wiki page over time. Stay tuned!

{{Footer}}

[[Category:Documentation]]