Linux Security Concern: Torvalds’ Bug Warning 2021
Linux is generally considered to be the most robust and secure operating system because it is open-source and has a very large community of users and developers who can contribute to its ongoing development. This means that any known issues with the operating system are quickly identified and fixed by members of the community, often before they become major problems for most Linux users.
Because Linux is open-source, many different versions or “distributions” of Linux are available, which each offer different features or customizations that can appeal to a wide variety of users.
This also means that there is often a lot of community support available for specific versions of Linux, such as the Ubuntu or Mint distributions.
Torvalds warns Linux users
In March 2021, Linux creator Linus Torvalds sent a message to the Linux Kernel Mailing List to warn them not to use the 5.12-rc1 kernel in his public git tree.
He wrote of a “nasty bug” in the code that could potentially lead to a crash or data corruption, and urged Linux users to be cautious when using this version of the kernel. While he acknowledged that the bug was likely already fixed in later versions of the software, Torvalds emphasized that it was important for developers to know about potential security issues like this so they could take steps to protect their systems.
Despite his warning, many Linux users continued to use the 5.12-rc1 kernel in their systems, and some even reported that they had experienced crashes or data loss as a result of this bug. While it is impossible to know how widespread the issue was, this incident serves as a reminder to all Linux users to be vigilant about the security of their software, and always take steps to protect themselves from potential vulnerabilities.
Swapping: The specifics of Torvalds warning for Linux users
The specifics of the “bug” is in regard to “swapping”. Torvalds wrote “swapping still happened, but it happened to the wrong part of the filesystem, with the obvious catastrophic end results.”
The danger is that root directories could technically be destroyed if swapping was to happen in the wrong part of the filesystem.
Torvalds explained that if you are not using swap, then you wouldn’t be affected by the bug.
Despite Torvalds warning, swapping offers flexibility
Torvalds continued and explained that “The bad news is that the reason we support swap files in the first place is that they do end up having some flexibility advantages, and so some people do use them for that reason. If so, do not use [release candidate] RC1.”
Essentially swap files do give users some flexibility advantages by allowing them to save and modify their data, even when they don’t have enough memory available. This can be especially useful when working on large projects or with complex software programs that require a lot of processing power.
Ubuntu a cause for cause in Torvalds swap file warning
For years Ubuntu, which is easily the most widely deployed Linux distribution, has installed swap files by default . This has been a source of frustration for Linux creator Linus Torvalds, who recently urged users to switch to swap partitions instead.
Swap files are used as extra storage space when a computer’s RAM is overloaded, and they can be created dynamically. However, Linus argues that swap files are less secure, slower to access, and slightly less reliable than swap partitions.
While many users may not notice a big difference between swap files and partitions, Torvalds encourages users to switch to the latter, as it is a more effective way of handling excess memory. If you’re looking for a more efficient way to manage your Ubuntu system, it may be worth considering switching to swap partitions.
Powered by Ubuntu, this Linux OS is known for its ease of use and reliability, making it a great choice for both new and experienced users, hence its popularity.
However this vulnerability definitely made people think twice.
Linux Users: You shouldn't need Torvalds to warn you
This should go without saying but don’t jump into deploying code that hasn’t been rigorously test and validated. Even if that code is running on the Linux platform, you should still be cautious. Bugs in a program can have huge consequences, and ignoring this is a grave mistake regardless of the OS.
Linux users, it’s important to be aware that even though Linux is known for its stability, you should never blindly jump into deploying untested code on any platform. No matter how reliable a piece of software might be, there is always a chance that a bug could slip through the cracks and cause serious damage.
So before you deploy any new code to your Linux environment, make sure that you have thoroughly tested and vetted it first. This means running rigorous tests to uncover any potential issues, and doing your research to ensure that the code is safe and reliable.
By taking these precautions, you can help minimize the risks of running untested code on your Linux system – and help keep your data and systems secure.
Other posts and articles you may be interested in.