Security
Security and Privacy
Security is of primary importance in the modern world. In this context, security is the capability of a device to withstand malicious attacks, so that an attacker cannot gain access to capabilities or data on the device. Sailfish OS aims to be a secure operating system to power the devices of users around the world.
Privacy is similarly important. Privacy is related to the way that consumer data is handled on the device, and whether that data is kept private for the user, or whether that data is used for other purposes (such as advertising analytics, or sold to third parties). Sailfish OS respects the privacy of its users, and does not use the data for any such purposes (the full privacy policy may be viewed here). In some cases, Sailfish OS makes use of third-party plugins to extend its functionality, and in those cases the third-party plugin may require that the user agrees to some separate privacy policy (for example, location and positioning plugins, which can use data about surrounding cell towers to determine the user’s location). In those cases, the user is clearly informed and their express permission is requested before that functionality can be enabled.
Security Hotfixes
Sailfish OS devices can be updated with so-called “hotfixes” for specific security issues outside of the normal release update cadence. This allows vendors to provide users with security updates as they become available, with minimal delay. These fixes are provided as package updates via the normal package management systems, and are fully versioned and delivered securely with end-to-end encryption to prevent man-in-the-middle or other tampering attacks.
Security Architecture
Sailfish OS currently uses a three-level security architecture.
- Third-party applications submitted through the Harbour are rigorously examined for any signs of malicious behaviour.
- Every application, irrespective of its origin, is run in a Sailjail sandbox with an explicitly assigned set of application permissions to limit the scope of malicious activity achievable by exploiting a possible vulnerability in the application.
- Furthermore, access to certain sensitive user data, such as the address book or communication records, is only available to a limited set of privileged applications and/or services. Linux user groups are used to separate privileged processes from non-privileged ones, and file system access control is enforced by the Linux kernel.
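The second and third levels above can be checked mechanically. The following Python script is added here as an illustration; it is not Sailfish OS code and not part of this page. It reads the permissions an application declares in the [X-Sailjail] section of its .desktop file (the section and the OrganizationName, ApplicationName and Permissions keys are the ones Sailjail reads; the application itself is made up), flags the declared permissions that reach personal data according to a review policy defined in the script, and then models the kernel's owner/group/other read check over a constructed file table with hypothetical uids and gids. The model shows why a sandboxed application running as the device user without the privileged group cannot read contact data, while a process carrying that group can.

```python
"""Constructed example of the sandbox and group-separation levels.

Not Sailfish OS code. The [X-Sailjail] section with OrganizationName,
ApplicationName and Permissions keys is the format Sailjail reads from an
application's .desktop file; the application, the uids/gids, the file
table and the "sensitive" grouping below are made up for this example.
"""
import configparser
import stat
from dataclasses import dataclass

# Constructed .desktop file: a hypothetical notes app declaring three permissions.
SAMPLE_DESKTOP = """\
[Desktop Entry]
Type=Application
Name=Example Notes
Exec=example-notes

[X-Sailjail]
OrganizationName=org.example
ApplicationName=notes
Permissions=Internet;Documents;Contacts
"""

# Permissions this example treats as exposing personal data. This grouping
# is the example's own review policy, not an official classification.
SENSITIVE_PERMISSIONS = {"Contacts", "Calendar", "Phone", "Location",
                         "Microphone", "Camera"}


def parse_sailjail_permissions(desktop_text: str) -> list[str]:
    """Return the permissions declared in [X-Sailjail], in declaration order.

    An application without the section declares nothing and yields an empty list.
    """
    parser = configparser.ConfigParser(interpolation=None)
    parser.optionxform = str          # .desktop keys are case-sensitive
    parser.read_string(desktop_text)
    if not parser.has_section("X-Sailjail"):
        return []
    raw = parser.get("X-Sailjail", "Permissions", fallback="")
    return [p.strip() for p in raw.split(";") if p.strip()]


def flag_sensitive(permissions: list[str]) -> list[str]:
    """Permissions a store reviewer would ask the developer to justify."""
    return sorted(set(permissions) & SENSITIVE_PERMISSIONS)


# --- Group-based separation, as enforced by the kernel's DAC check -----------

@dataclass(frozen=True)
class FileEntry:
    owner_uid: int
    group_gid: int
    mode: int   # permission bits, as in st_mode


# Hypothetical identities: the device user, a data-owning service, and the
# group that marks processes allowed to touch privileged data.
USER_UID = 100000
SERVICE_UID = 500
PRIVILEGED_GID = 1002

# Constructed file table: contact data is readable by owner and the
# privileged group only; an ordinary document is world-readable.
FILES = {
    "/data/privileged/contacts.db": FileEntry(SERVICE_UID, PRIVILEGED_GID, 0o660),
    "/home/user/Documents/notes.txt": FileEntry(USER_UID, USER_UID, 0o644),
}


def may_read(path: str, uid: int, gids: set[int]) -> bool:
    """Model the kernel's discretionary read check: owner, then group, then other."""
    entry = FILES[path]
    if uid == 0:
        return True                                  # root bypasses DAC
    if uid == entry.owner_uid:
        return bool(entry.mode & stat.S_IRUSR)
    if entry.group_gid in gids:
        return bool(entry.mode & stat.S_IRGRP)
    return bool(entry.mode & stat.S_IROTH)


if __name__ == "__main__":
    perms = parse_sailjail_permissions(SAMPLE_DESKTOP)
    print("declared:", perms)
    print("needs justification:", flag_sensitive(perms))
    # A sandboxed app runs as the user without the privileged group...
    print("sandboxed app reads contacts.db:",
          may_read("/data/privileged/contacts.db", USER_UID, {USER_UID}))
    # ...while a privileged process carries the group and is allowed.
    print("privileged process reads contacts.db:",
          may_read("/data/privileged/contacts.db", USER_UID, {USER_UID, PRIVILEGED_GID}))
```

The group check is the only thing separating the two calls at the end: same uid, same file, and the decision flips purely on membership in the privileged group, which is the separation the third level relies on.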