Is Full Install Secure?

For discussions about security.
Message
Author
sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

Is Full Install Secure?

#1 Post by sleeper48 »

I read this somewhere, just wonder is it true or not?

"Are you quite sure that you should have done a full install? Remember that Puppy runs as root, so it is not secure when run from HD. The frugal install, where the file lives on the HD but is still run from RAM, is recommended for that reason."

If true, any way to make full secure or change it to frugal without starting from scratch?

User avatar
bigpup
Posts: 13886
Joined: Sun 11 Oct 2009, 18:15
Location: S.C. USA

#2 Post by bigpup »

The big difference from a frugal and a full install.

A full install has everything setup as read/write all the time.

A frugal install has all the main Puppy files in a sfs package file.
This file gets read into memory and stays read only.
Nothing can write to it to change it.

All changes are written to a save file/folder.
That save is loaded as read/write.
So, anything could write to it.

If something bad got into the save.
Boot not using the save.
Delete the save and replace it with a good copy of the save, that we know you made just for that purpose.
Back to normal.

Changing to a frugal install from a full install is really going to require a fresh frugal install and install of whatever you want to add to it.

Data files, documents, browser bookmarks, pictures, etc... could be manually transfered from the full install to the frugal.
Actual added programs, you would have to freshly install into the frugal install.
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected :shock:
YaPI(any iso installer)

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#3 Post by sleeper48 »

So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.

s243a
Posts: 2580
Joined: Tue 02 Sep 2014, 04:48
Contact:

#4 Post by s243a »

sleeper48 wrote:So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.
What's your threat model. Are you woried about a windows virus messing with linux or is it more that you want to be able to rollback changes?

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#5 Post by sleeper48 »

s243a wrote:
sleeper48 wrote:So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.
What's your threat model. Are you woried about a windows virus messing with linux or is it more that you want to be able to rollback changes?
Not really sure. Exactly what IS the threat from having a full install?

User avatar
Galbi
Posts: 1098
Joined: Wed 21 Sep 2011, 22:32
Location: Bs.As. - Argentina.

#6 Post by Galbi »

I can't say if full or frugal, which is more secure, but for the reasons given by Bigpup, is worth doing a frugal install, and of course, making regular backups of the save file.

With frugal installs, you can recover from a damaged sytem in five minutes or you can put your current system in a new machine in ten.

Comming from Windows or from one big distro (Debian, Ubuntu, etc) it's natural to think that full installs are the correct way, but Puppy was designed for frugal installs.

Another advantage, with frugal+backup you can play "learning by breaking"
:)
Saludos.
Remember: [b][i]"pecunia pecuniam parere non potest"[/i][/b]

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#7 Post by sleeper48 »

All very interesting. Maybe Puppy should warn at setup that a full install is a security risk. If there had been such a warning, I probably would have chosen frugal. Oh well, live & learn.

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#8 Post by Burn_IT »

There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.
"Just think of it as leaving early to avoid the rush" - T Pratchett

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#9 Post by musher0 »

sleeper48 wrote:All very interesting. Maybe Puppy should warn at setup that a full install is a
security risk. If there had been such a warning, I probably would have
chosen frugal. Oh well, live & learn.
Hello sleeper48.

In the same line of thought, the recommendation for "pupsave folder" in
the save panel at install time should be changed back to "pupsave file".

A pupsave folder is "open to the world", like a full install.

Not only is a pupsave file
1) more secure,
it is also
2) much easier
-- 2a) to back-up and
-- 2b) to migrate to another PC if you need to.

BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

User avatar
Moat
Posts: 955
Joined: Tue 16 Jul 2013, 06:04
Location: Mid-mitten

#10 Post by Moat »

Agreed 100% - frugal + saveFILE really should be the recommended (and most supported by devs) default. As well, we need a naming convention change to the words "full" & "frugal" in order to avoid the all-too-common confusion seen repeatedly here among newer users.

Bob

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#11 Post by sleeper48 »

Burn_IT wrote:There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.
That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.

User avatar
RetroTechGuy
Posts: 2947
Joined: Tue 15 Dec 2009, 17:20
Location: USA

#12 Post by RetroTechGuy »

musher0 wrote:
sleeper48 wrote:All very interesting. Maybe Puppy should warn at setup that a full install is a
security risk. If there had been such a warning, I probably would have
chosen frugal. Oh well, live & learn.
Hello sleeper48.

In the same line of thought, the recommendation for "pupsave folder" in
the save panel at install time should be changed back to "pupsave file".

A pupsave folder is "open to the world", like a full install.

Not only is a pupsave file
1) more secure,
it is also
2) much easier
-- 2a) to back-up and
-- 2b) to migrate to another PC if you need to.

BFN.
This is exactly why I haven't moved away from frugal installs. It's also easy to implement multiple "users". Just copy the unmounted volume to another name.

I usually copy backups to a name ending with .2fx instead of the usual .2fs. This hides the volume from Puppy during boot. Rename or copy it back, and you're back in business.

For "security", I have a "main" version of a puppy save file that I normally use, then I have a "secure" version which is ONLY used to access bank accounts and the like. If you were really paranoid, you could make a different save file for each individual financial agency that you deal with. But I figure that the small number of sites I need to visit, the chance of some kind of infection is small (Linux is already a small chance of infection)
[url=http://murga-linux.com/puppy/viewtopic.php?t=58615]Add swapfile[/url]
[url=http://wellminded.net63.net/]WellMinded Search[/url]
[url=http://puppylinux.us/psearch.html]PuppyLinux.US Search[/url]

dancytron
Posts: 1519
Joined: Wed 18 Jul 2012, 19:20

#13 Post by dancytron »

sleeper48 wrote:
Burn_IT wrote:There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.
That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.
There has been talk on and off over the years. One suggestion was to change the name of "full install" to "legacy install".

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#14 Post by sleeper48 »

dancytron wrote:
sleeper48 wrote:
Burn_IT wrote:There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.
That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.
There has been talk on and off over the years. One suggestion was to change the name of "full install" to "legacy install".
No matter what they call it, I think it should state Security Risk or something similar.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#15 Post by 8Geee »

In regard to naming conventions... I think of full = internal, and frugal = external. I guess a USB HDD = hybrid.

OT:/ These newer stubby USB "sticks" are not too bad for speed considering the handful of $'s they cost (<$10 for 32Gb USB-2)
Even more remarkable is the advances in the Micro SDHC chips. Considering most older machines need an adapter (slows it down a bit) I've found a few 32Gb Class-10 China-brands that run 90% of say a 32Gb SanDisk Cruzer Fit Stubby (18Mb vs. 20Mb) and the cost is US$5 instead of $10+.
PM me for two decent ones at aliexpress. /OT

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Mike Walsh
Posts: 6351
Joined: Sat 28 Jun 2014, 12:42
Location: King's Lynn, UK.

#16 Post by Mike Walsh »

@sleeper48:-
Galbi wrote:Comming from Windows or from one big distro (Debian, Ubuntu, etc) it's natural to think that full installs are the correct way, but Puppy was designed for frugal installs.

Another advantage, with frugal+backup you can play "learning by breaking"
:)
Absolutely could not agree more. And IMHO, it's the best way to learn; I've always found that mistakes made like that are ones that tend to stick with you.


Mike. :wink:

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#17 Post by greengeek »

Any install that allows system files to be writable is inherently insecure.

This is true for both full installs and any frugal install that uses a save file or save folder.

Frugal installs (using auto save techniques) are not more secure - just easier to back up (usually)

A more secure option is to remaster your changes inside the main puppy.sfs. However that is not something easily explainable to new users.

There are other methods to improve security too - mostly focusing on ensuring that system files are readonly and contained within "sfs" files - not contained as read/write files as is done in a full install or a frugal+save.

Personal files are different - they should be stored off the system (away from system files) backed up regularly to multiple locations, and saved manually, rather than relying on save files or save folders to do the job automatically.

mostly_lurking
Posts: 328
Joined: Wed 25 Jun 2014, 20:31

#18 Post by mostly_lurking »

sleeper48 wrote:I read this somewhere, just wonder is it true or not?

"Are you quite sure that you should have done a full install? Remember that Puppy runs as root, so it is not secure when run from HD. The frugal install, where the file lives on the HD but is still run from RAM, is recommended for that reason."
Source of that quote:
https://www.linuxquestions.org/question ... ost5653882

Whether a full install is less secure than a frugal one depends on what "secure" means to you - and it has little to do with running as root; you have the same root privileges and file access rights no matter how you run Puppy.

If "secure" means protecting your system:
A frugal install makes is easier to repair if the system gets messed up, especially if you have a backup of your savefile (and if you don't have that, you can at least restore the system to a working state by booting without the save). With a full install, you lose your whole system if it breaks and you can't manage to fix it.
There is also the possibility to configure a frugal Puppy so that it doesn't automatically write all changes to the savefile, but asks you if you want to save on shutdown, thus giving you the chance to avoid saving a session that has gone bad:
Remove automatic pupsave for frugal installs
(Normally, frugal Puppies installed on a hard drive run in "pupmode 12", a state in which they write all changes to the savefile immediately, while installs on USB media use "pupmode 13", which saves at user-defined time intervals and on shutdown.)

If "secure" means protecting your personal files:
In both frugal and full installs, you - and any programs you run as root - have full access to your files. If you have a frugal install with a savefile, I assume storing your files inside the save might put you at a risk of losing them should the savefile get corrupted, so it may be better to keep them out of there.

If "secure" means protection against some hypothetical hacker/malware threat:
First of all, that's very unlikely to happen. Linux home systems aren't a popular target, and Linux won't run Windows-specific malware. (Unless you have Wine installed, and even then it won't run Windows applications automatically. And you hopefully haven't told your browser to open any random Windows executables that it finds on the web with Wine.) The much-publicized security problems that have popped up lately (Meltdown/Spectre, Shellshock...) are mainly a concern for servers, less so for home systems.
Still, if we assume that there may be a threat from surfing the web, a frugal install wouldn't offer any more security than a full one - if your browser (and any hypothetical piece of malware that comes through it) runs as root, your system and personal data could be compromised either way. You might gain a little more security by running your browser as non-root user, so that it doesn't have administrator privileges and can only modify files in that user's home directory. Some newer Puppies have a "Login and Security Manager" in the System menu, where you can select some applications (browsers) to run as restricted user "spot". For older Puppies or other programs, you might find some solution on the forum if simply typing sudo -u spot <programname> in a terminal to run that program as spot (or su spot to switch users for more than one command line) doesn't do the trick.

To summarize: a frugal install is "more secure" only in that it makes it easier to restore the system if it breaks (and configuring it to not save automatically might even prevent damage past the current session), but it doesn't protect your personal data any more than a full install does. Running your browser as non-root user might reduce the already very small and rather theoretical risk of malware.

Here is an article by Barry Kauler, the creator of Puppy Linux, which explains the root-vs-user security question as it applies to Puppy (especially when it is run frugally):
http://bkhome.org/archive/puppylinux/technical/root.htm
(There are also some links at the bottom of that page for further reading about this topic - two by the makers of the Puppy spin-offs Fatdog and Grafpup, and one about Linux in general.)
sleeper48 wrote:
Burn_IT wrote:There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.
That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.
It does. The Puppy installer states that the frugal method is recommended, and lists some advantages of frugal installs. The problem, as dancytron mentioned, seems to be that the terms "frugal" and "full" suggest that the first is some kind of "crippled" install, leading people to choosing the full one instead. I've seen that Xenialpup's installer now says that full installs should only be used for computers with too little memory/slow CPU, so that's a step forwards to making it clearer. I'm not sure if renaming these things after so many years would be a good idea; it might cause confusion for new users when every piece of documentation here or elsewhere uses different terms than their Puppy system does.

sleeper48
Posts: 13
Joined: Mon 25 Dec 2017, 02:44

#19 Post by sleeper48 »

mostly_lurking wrote:
It does. The Puppy installer states that the frugal method is recommended, and lists some advantages of frugal installs. The problem, as dancytron mentioned, seems to be that the terms "frugal" and "full" suggest that the first is some kind of "crippled" install, leading people to choosing the full one instead. I've seen that Xenialpup's installer now says that full installs should only be used for computers with too little memory/slow CPU, so that's a step forwards to making it clearer. I'm not sure if renaming these things after so many years would be a good idea; it might cause confusion for new users when every piece of documentation here or elsewhere uses different terms than their Puppy system does.
So, it's clear as mud then. :lol:
If they put Recommended after Frugal & Not Recommended or Security Risk after Full, maybe that would help.
Last edited by sleeper48 on Fri 25 May 2018, 15:45, edited 1 time in total.

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#20 Post by Burn_IT »

It is very simple!!

ANY system that has ANY connection to ANY external source of ANY kind is inherently insecure - and that includes a keyboard.
"Just think of it as leaving early to avoid the rush" - T Pratchett

Post Reply