Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Q&A: Ubuntu 9.10 security

Nov 06, 2009, 07:34 (0 Talkback[s])
(Other stories by Mirko Zorz)

[ Thanks to An Anonymous Reader for this link. ]

"Modern CPUs allow regions of memory to be marked as "non-executable", like the stack and heap. This puts a stop to large classes of vulnerability exploits. For systems that do not have it (or do not run in 64bit mode), Ubuntu's kernel now includes a partial form of this, emulated in the kernel by way of memory segment limits.

"AppArmor saw several improvements this cycle, and had several more profiles created including ntpd, evince, and libvirt. Additionally, experimental profiles (available for testing) were created for Firefox and Apache. The libvirt integration provides even more isolation for virtual machines running under Ubuntu."

Complete Story

Related Stories: