Hi everyone ,
I would like to understand PureOS better and my today’s question is about hardening technics used in PureOS.
I know that PureOS 9 is based on Debian stable, which in itself is a high security standard (lower CVEs risk at the expense of having older packages).
It seems to me that Debian usually offers quite a “default configuration” for its packages. My understanding is that PureOS has adjusted some things (relative to Debian) to make the operating system more secure by default. I am curious what these things are. I have already searched for the answer to this question and I know that it is the default browser configuration, but I’m sure there are more things (I also found information about AppArmor).
In order not to dilute the topic, I would like to focus on the operating system (I know that the bios is also safer, etc. but let’s focus on the OS).
Would someone be able to explain me what security mechanisms I get by default in PureOS that are not configured in Debian by default ?
I do not expect an explanation of the details of these mechanisms/configurations, but I guess I would like to know what their list is, if possible.
Thank you very much,