Skip to main content

Security Features

Estimated reading: 1 minute 65 views

Application Sandboxing

  • AppBoxes (CLI) & other Executables: We utilize AppArmor and Firejail to restrict the capabilities of command-line tools and standard executables. This way ensures they operate with the principle of least privilege.
  • AppBoxes (GUI) & Flatpaks: Graphical applications (AppBoxes and Flatpaks) are isolated using Bubblewrap, providing a lightweight namespace sandbox that prevents unauthorized access to user data and system files.

Network Security

  • Firewall Management: Nitrux includes Firewalld, which is managed via Cinderward, making it easy to configure traffic rules.
  • VPN Support: NetworkManager comes pre-configured with plugins for OpenVPNOpenConnect, and OpenFortiVPN.
  • WireGuard: Nitrux supports WireGuard for high-performance encrypted tunnels, which are managed via Wirecloak or wg-quick, making it easy to select tunnels.
  • Encrypted DNS: Nitrux uses dnscrypt-proxy by default, which encrypts DNS queries between your machine and the DNS resolver.

Filesystem Integrity

  • Immutable Root: The system core is read-only by default to prevent tampering and ensure stability. However, users can still perform persistent modifications when necessary.

Password Management

  • KWalletManager: We use it to securely store and manage system credentials.
Security Features - PreviousBluetooth SecurityNext - Security FeaturesSystem Performance

© 2017-2026 Some Rights Reserved. Made with by Nitrux Latinoamericana S.C.