Desktop Linux Security Review – Elementary OS

This post documents my testing results for the Linux distro Elementary OS. I performed the same testing on the following distros:

The results are based on the methodology described here:

Linux Desktop Security Review

Elementary collected 13 out of 18 possible points – A great score for a UX focused distro.

Distro Name: Elementary OS (

Tested Version: elementary OS 6.1 Jólnir (20211218-rc), downloaded on 2022-01-29

ISO MD5: 17b373306a9ee304ee3d544ee9cea97a

Total Score: 13 / 18

Summary of Installer – Security Features:

Elementary’s graphical installer makes it very easy to fully encrypt the disk. The installer also includes a great password strength indicator.

Score: 2 / 2

Summary of Firewall:

Elementary installs UFW per default. However, UFW is not enabled by default. Elementary nicely integrates the host firewall into the general settings app.

Score: 1 / 4

Summary of Automatic Updates:

Elementary does not download updates during installation. The Update Manager is configured to notify the user about available updates by default. Signature checking for packages is enabled by default as well.

Score: 2 / 3

Vulnerability Scanning Results:

A Nessus vulnerability scan did not identify any critical nor high risk vulnerabilities.

Score: 4 / 4

Summary of User Privileges:

Elementary is using sudo for admin task elevation and protects the use of sudo with a password.

Score: 2 / 2

Summary of Default Browser:

Elementary is installing Gnome Web (Epiphany) as the default browser. It is regularly updated. However, it does not warn about the execution of downloaded files.

Score: 1 / 2

Summary of Application Sand-boxing:

Elementary installs AppArmor together with some sensible profiles and enables it.

Score: 1 / 1

Contact via Mastodon: