They are absolutely not. Not compared to general purpose distros.
Just look historically at semi-relevant security holes and how long it took Debian to patch openssl (hours? minutes?) vs "one dudes spare time project" maybe weeks, or worse, never.
"have the advantage of being authored by people well practiced"
You'd like to think so, but other than hopes there seems to be no evidence...
"locked down enough."
It has a stateful firewall probably as part of the NAT function? Good enough. The rest of it is mostly security theater.
They are absolutely not. Not compared to general purpose distros.
Just look historically at semi-relevant security holes and how long it took Debian to patch openssl (hours? minutes?) vs "one dudes spare time project" maybe weeks, or worse, never.
"have the advantage of being authored by people well practiced"
You'd like to think so, but other than hopes there seems to be no evidence...
"locked down enough."
It has a stateful firewall probably as part of the NAT function? Good enough. The rest of it is mostly security theater.