Operating systems

We aim to recommend a stable, usable and secure open-source operating system for deploying tools recommended in previous chapters of this work. The ideal operating system shall hold an appropriate level of usability within a well-secured environment.

Essential functionality shall be available for direct use with the particular operating system. For the scope of this work, the essential functionality of a workspace running on the given operating system consists of :

a web browser,
an office suite,
a media viewer,
a document viewer,
a software manager, and
GUI-integrated settings of Wi-Fi, BlueTooth, sound, notifications, input devices and workspace customization.

The operating system should also provide detailed documentation, user support and have a regular release cycle.

To achieve both usability and security of the operating system, it shall come with a quality desktop environment and a minimized attack surface by application of essential system hardenings.

Desktop environment

A desktop environment mediates user interaction with the underlying operating system through a GUI. The desktop environment thus carries a significant responsibility for overall environment usability.

The environment consists of several components, like a window manager, file manager, themes and other libraries for managing the GUI of an operating system. Essential features include the functionality of desktop icons, windows, widgets or workspaces.

GNOME

GNOME is a free and open-source desktop environment for Linux-based operating systems. It is a default desktop environment of various Linux distributions, including Debian, Ubuntu, Fedora, Red Hat Enterprise Linux or Tails.

The desktop environment is developed in compliance with the GNOME Human Interface Guidelines [70], which aim to guide developers in designing simple, user-friendly GNOME interfaces.

GNOME provides a set of native GUI applications. Seahorse is a front-end application for the GNOME system keyring, which can store user-defined secrets, SSH and GPG keys. Other GNOME utilities include the Evolution email client^{^[1]}, Disks utility for disk partitioning and LUKS formatting or Photos for editing images^{^[2]}.

The desktop environment also comes with the GNOME Help application, which provides a detailed guide on the general visual overview of the GNOME environment, user account management, window and file management, networking and other topics. GNOME also offers open-source assistive technologies for disabled users, either integrated or available for download, like the Orca screen reader for visually impaired users or the Dasher input method for users unable to type on a keyboard.

System hardening

NIST explains hardening as “a process to eliminate a means of attack by patching vulnerabilities and turning off nonessential services” [71]. More generally, operating system hardening consists of several measures – techniques, tools and best practices – to secure a system by design and thus reduce its attack surface.

Essential hardening measures include [72, 73]:

applying regular security updates and patches,
applying mandatory access control,
encrypting the hosting disk device as described in Section Data-at-rest encryption,
using secure passwords as described in Section Password Management,
implementing a firewall to safelist allowed traffic only,
applying security-enhancing settings in software configuration,
removing unnecessary software and data, or
enabling Secure Boot^{^[3]}.

Candidates

The set of selected candidates consists of Ubuntu Desktop and Fedora Workstation Linux-based operating systems. A complete comparison of default properties and features can be found in Table Overview of default properties and features.

Fedora Workstation

Fedora is an open-source Linux-based operating system developed by the community Fedora project, focused on innovation and provision of new open-source software. The Fedora Project is sponsored primarily by Red Hat.

Fedora is a unified distribution integrating thousands of upstream open-source projects, including the Linux Kernel itself or GNOME. According to Fedora documentation, the Fedora project tries to work closely with upstream projects [74]. Major changes are propagated to upstream projects directly. This approach comes with common benefits for open-source projects since patches spread to other downstream distributions, and better security assurance by relying on upstream developers’ knowledge of their programs.

Fedora uses the RPM Package Manager (RPM) together with Dandified YUM (DNF) as a command-line package manager for downloading and installing RPM packages. Fedora also supports Snap or Flatpak package manager, offering a sandbox environment for software execution.

The default desktop environment of Fedora is GNOME. Users can also switch to several different desktop environments, including KDE, Xfce, Cinnamon or MATE. The environment can be changed easily in the user login screen after installing the corresponding RPM package.

Fedora is the first mainstream operating system to apply Mandatory Access Control (MAC) by default [75]. MAC in Fedora is implemented by Security Enhanced Linux (SELinux). SELinux is a security architecture of the Linux kernel developed in partnership with the National Security Agency (NSA). Each file, application or process is labeled, and permissions are evaluated by SELinux according to a pre-loaded policy. This policy ensures an additional layer of access control over the classic Linux file modes: SELinux will not allow a change violating the SELinux policy, effectively preventing changes by malicious users or programs.

A new major version of Fedora is released every six months, and each version is maintained for approximately 13 months after its release.

Ubuntu Desktop

Ubuntu Desktop, later just Ubuntu, is an open-source Linux-based operating system developed by Canonical. It is released as a downstream distribution of Debian.

Ubuntu has gained significant popularity in the Linux community thanks to its reputation, reliability, ease of use, and extensive documentation. It is estimated to be the most popular distribution, employed by 32.8% of Linux users [76]. Several other popular distributions, like Linux Mint, Xubuntu or Zorin OS, are based on Ubuntu.

The main idea behind Ubuntu is usability. Unlike Debian, Ubuntu hides most of the configuration from users, aiming to provide a ready-to-use and secure environment straight after installation.

The default security of Ubuntu is achieved through the application of several user-space and kernel hardenings^{^[4]}.

Ubuntu inherits the DEB packages from Debian and uses the Advanced Packaging Tool (APT) to download, install and upgrade packages or the entire Ubuntu system. Since version 16.04 LTS, the unattended-upgrades package is pre-installed and configured to apply security updates automatically without user intervention [77]. The default approach also installs other recommended updates. This behavior can be configured through GUI in the Software and Updates application.

On top of APT, Ubuntu supports Snap and Flatpak to provide applications outside official repositories. The Ubuntu Software GUI application integrates these different package managers and offers a wide range of software for direct installation. This way, users have freedom of choice between open-source and proprietary software.

The mandatory access control is implemented via AppArmor, a project actively developed by the Ubuntu Security Team. Similarly to SELinux, described in Section Fedora Workstation, AppArmor defines policies called security profiles to separate processes and enforce access permissions to prevent malicious escalation of privilege.

Ubuntu releases Long Term Support (LTS) versions every two years. LTS releases are guaranteed to be maintained by Canonical for five years [78].

Ubuntu Desktop versus Fedora Workstation

latest version as of May, 2022	Ubuntu Desktop v22.04 LTS; Apr 21, 2022	Fedora Workstation 36 May 10, 2022
Secure Boot	yes	yes
mandatory access control	AppArmor	SELinux
automatic security updates	yes	configurable
system encryption	configurable	configurable
desktop environment	GNOME 42.0	GNOME 42.0
essential functionality	yes	yes
stable release cycle	every 2 years	every 6 months
free maintenance	5 years	approx. 13 months
office suite	LibreOffice	LibreOffice
web browser	Firefox	Firefox
email client	Thunderbird	none
package manager	DEB + APT	RPM + DNF

Operating system recommendations

Ubuntu and Fedora come from an active community of users, feature sufficient documentation and tutorials, provide user support and apply the most critical system hardenings. Secure Boot and mandatory access control are implemented by default, and both distributions allow full disk encryption during installation. The default desktop environment is GNOME, so both distributions feature quality GUI with essential pre-installed GNOME utilities.

Ubuntu is recommended for both user categories as a stable and reliable operating system. It is an ideal option for beginner users: important security patches are applied automatically, and all software can be installed, updated and configured through a GUI application. Users are not forced to use the CLI for any basic tasks, unlike within Fedora.

Fedora remains recommended for intermediate users only since installing third-party software involves the management of repositories and Snap packages through the CLI. Nevertheless, intermediate users can benefit from a significantly shorter release cycle. Frequent Fedora releases include the most recent software and technologies provided by close cooperation between Fedora and source upstream projects. After enabling automatic security updates of packages, Fedora provides approximately the same level of security as Ubuntu.

The Evolution email client is described in Section Email communication.
More native utilities can be found in the GNOME application overview. ↑
Secure Boot is a protocol of verifying the digital signature of bootloader code to avoid loading a maliciously-altered operating system. ↑
The exhaustive list of security hardenings with a release hardening overview can be found in the Ubuntu Security Team pages. ↑