Security Features
Application Sandboxing
- AppBoxes & Flatpaks: AppBoxes (CLI and GUI) and Flatpaks are isolated with Bubblewrap or Firejail, providing lightweight namespace sandboxes that prevent unauthorized access to user data and system files.
- Other Executables: We use AppArmor and Firejail to restrict the capabilities of standard executables, so that they operate under the principle of least privilege.
Network Security
- Firewall Management: Nitrux includes Firewalld, which is managed via Cinderward, making it easy to configure traffic rules.
- VPN Support: NetworkManager comes pre-configured with plugins for OpenVPN, OpenConnect, and OpenFortiVPN.
- WireGuard: Nitrux supports WireGuard for high-performance encrypted tunnels, which are managed via Wirecloak or wg-quick, making it easy to select tunnels.
- Encrypted DNS: Nitrux uses dnscrypt-proxy by default, which encrypts DNS queries between your machine and the DNS resolver.
Filesystem Integrity
- Immutable Root: The system core is read-only by default to prevent tampering and ensure stability. However, users can still perform persistent modifications when necessary.
Password Management
- KWalletManager: We use it to securely store and manage system credentials.
