I’m not trying to be rude but none of these points are true. I imagine you’re confusing a single Linux distribution and their architecture with being representative of Linux as a whole. You can indeed spin an unprivileged, immutable distribution with SELinux for MAC, hardened kernel, and so much more, which would blow Android et al out of the water.
I’m basing this all on the Android documentation along with my experience on desktop Linux. I would love if there was a Linux system that was as solid as Android but I haven’t seen anything as of yet.
Build it. Gentoo, Arch, and any other minimalist distro where there’s less userspace fluff out of the box can easily be configured to be incredibly hardened.
Your looking for a desktop distribution that doesn’t really exist out of the box (perhaps Qubes). Android is a mobile OS for a reason and has a different architecture in userspace to accommodate for is threat model and use cases.
Just because desktop distros don’t typically lock down userspace out of the box doesn’t mean it’s not possible.
No specific sources as this is just generic Linux. Just look up hardening guides for various distros like Arch etc.
I’m not trying to be rude but none of these points are true. I imagine you’re confusing a single Linux distribution and their architecture with being representative of Linux as a whole. You can indeed spin an unprivileged, immutable distribution with SELinux for MAC, hardened kernel, and so much more, which would blow Android et al out of the water.
Source?
I’m basing this all on the Android documentation along with my experience on desktop Linux. I would love if there was a Linux system that was as solid as Android but I haven’t seen anything as of yet.
Build it. Gentoo, Arch, and any other minimalist distro where there’s less userspace fluff out of the box can easily be configured to be incredibly hardened.
Your looking for a desktop distribution that doesn’t really exist out of the box (perhaps Qubes). Android is a mobile OS for a reason and has a different architecture in userspace to accommodate for is threat model and use cases.
Just because desktop distros don’t typically lock down userspace out of the box doesn’t mean it’s not possible.
No specific sources as this is just generic Linux. Just look up hardening guides for various distros like Arch etc.