Kicksecure Xfce now defaults to a safer split-user model: one account for daily use (user) and another for admin tasks (sysmaint). This limits the impact of potential malware and strengthens system security.
The user account no longer has access to sudo or other privilege escalation tools. Only dedicated admin accounts like sysmaint can perform such actions, reducing the attack surface and improving security.
Also, there’s now privleap:
A new security-focused privilege escalation framework replacing sudo. It allows only specific, pre-approved actions to be executed with elevated rights, reducing the risk of misuse or exploitation. SUID-free.
When user-sysmaint-split is installed, the account user will no longer be able to use privilege escalation tools (sudo, su, pkexec) when logged into any account other than sysmaint. This change takes effect immediately.
To perform system maintenance tasks such as checking for software updates, installing updates, etc., the user will have to reboot into the sysmaint account. To do this, restart the system normally, then select PERSISTENT Mode | SYSMAINT Session | maintenance tasks from the boot menu. The system will boot into a minimal desktop session with the System Maintenance Panel running. To reduce attack surface, most superfluous background services are suppressed while booted into the sysmaint account.
The sysmaint desktop session is intentionally minimal and not suited for normal desktop use. This is to discourage using it for work that has a higher risk of causing a difficult-to-avoid system compromise (such as web browsing). Quick shortcuts are provided for simple software management and system administration tasks, while more advanced tasks can be performed from a terminal. The sudo and pkexec commands will be usable here.
Once you are done with system maintenance tasks, click “Reboot” to reboot the system. Then boot into PERSISTENT Mode | USER Session | daily activities or LIVE Mode | USER Session | disposable use. This will provide you with a standard desktop session.
From a glance at the privleap README, it seems that only Debian-based distros and OSs with the autopkgtest tool are able to install privleap. I don’t think non-Linux OSs are able to install autopkgtest to allow them to use privleap, unfortunately.
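
To check the claim that the daily-use account can no longer reach sudo, su or pkexec, the following added example (not part of the original post and not Kicksecure or privleap code) reports which of those three tools the current account can still execute and whether each carries the setuid bit. The function name `audit_escalation_tools` is hypothetical, and the script inspects file mode bits only; the page does not describe how user-sysmaint-split enforces the restriction.

```shell
#!/bin/sh
# Added example: report which privilege escalation tools named on the page
# (sudo, su, pkexec) the current account can still execute.
# Assumption: only file mode bits are inspected. The page does not say how
# user-sysmaint-split enforces the restriction, and an executable sudo may
# still be refused by sudoers policy.

# audit_escalation_tools [DIR...]   (hypothetical helper name)
#   Searches the given directories (default: every entry in $PATH).
#   Prints one line per tool; returns 1 if any tool is executable by the caller.
audit_escalation_tools() {
    if [ "$#" -eq 0 ]; then
        # Split $PATH on ':' into this function's positional parameters.
        old_ifs=$IFS; IFS=:
        set -- $PATH
        IFS=$old_ifs
    fi
    usable=0
    for tool in sudo su pkexec; do
        found=no
        for dir in "$@"; do
            candidate="$dir/$tool"
            [ -f "$candidate" ] || continue
            found=yes
            exec_flag=no; suid_flag=no
            # -x: the calling account may execute the file.
            [ -x "$candidate" ] && { exec_flag=yes; usable=1; }
            # -u: the setuid bit is set (privleap is described as SUID-free).
            [ -u "$candidate" ] && suid_flag=yes
            printf '%s path=%s executable=%s setuid=%s\n' \
                "$tool" "$candidate" "$exec_flag" "$suid_flag"
        done
        [ "$found" = yes ] || printf '%s not-found\n' "$tool"
    done
    [ "$usable" -eq 0 ]
}

# Run against the real $PATH of whichever account invokes the script.
audit_escalation_tools || echo "at least one escalation tool is executable by $(id -un)"
```

Run it once from the USER session and once from the SYSMAINT session and compare the two reports.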