Originally Posted by Torvi
hey i wonder about leaving like 100 gb of hdd for a linux partition, i will be mostly viewing "sites" trough linux but im aware that stuff can infect non linux partitions and i wonder if it's possible to "lock" windows os partitions for linux like if im on linux i just wont see that there is anything more but that one partition specified for linux.
I think your bigger worry there should be if Linux gets infected because nothing can touch those Windows partitions within Linux without first attacking Linux. So the real question now is how secure is your Linux box?
Thankfully Linux is safer from dodgy websites than Windows is; partly because fewer attacks target Linux desktops
(note: desktops, not servers. Important to make that distinction, but for reasons not worth discussing right now), and partly because Linux is more secure by design.
To discuss that latter point I'm going to compare Linux to Windows, but I should stress that Windows can
be hardened to be just as secure as Linux is - I'm not in anyway trying to start a fanboy debate about the security of one verses another. I'm only using Windows as a comparison because it's what you'll be familiar with so will understand the points I'm raising. Disclaimer out of the way, here's the points I wanted to raise:
- Linux executables are defined by a file permission (like how 'readonly' is set on files) rather than file extension. So if something does download, it cannot be executed accidentally nor automatically.
- Linux desktops do not run as root / administrator - so if your user account is compromised then the malware still cannot get access to system
- It's easier to manage updates with Linux packages as very few updates require a reboot and all 3rd party software is managed by the same updater as the core OS components - where as with Windows it's all to common to defer Windows updates because you're too busy to reboot, and even ignore Java / Flash updates entirely.
- Linux's ecosystem is fragmented, which makes it harder to tailor a a specific attack
Now I should point out that every item in that list has exceptions and there will still be some responsibility on your part not to fall for social engineering (eg blindly inputting your password into any dialog box that pops up and not manually downloading and executing untrusted applications). But as long as you apply a little bit of common sense, you should be fine. However if you are planning on using Linux as a sort of "honeypot" to visit some potentially nasty sites, then there are a few things you can do to protect yourself a little better. I'll discuss this later though, if relevant.