Assessing the Tux Strength: Part 2 - Into the Kernel

"The previous article in this series on Linux security described different userspace protection mechanisms that can be applied to protect binaries on a Linux system. Unsurprisingly, without additional kernel settings and protections most of the previously described mechanisms cannot be utilised to their full extent. This article will therefore focus on kernel features that have a direct impact on security of running binaries. Specific security frameworks such as SELinux, Grsecurity RBAC, AppArmor and others will not be discussed here although they may feature in future articles.

"Most of the kernel features described here will be related to the addition of protection within userspace; however, a few of them will also have a direct impact on the security of the kernel itself. The security of the kernel is also very important as once an attacker is able to execute their own code in the kernel space there's very little that can be done to maintain the security of the system. The Linux kernel is subject to rapid development with many new features being added or existing functionality being amended and support for new devices is added on a regular basis. It should be noted that the direct and indirect impact of these issues on the security of the kernel can be easily overlooked. It is also not uncommon for a security feature that is enabled in the kernel to have an impact on its performance and the overall performance of the system as well."

Complete Story

Related Stories:

• 75 Top Open Source Security Apps(Mar 24, 2010)
• Metasploit Gains Further Commercial Adoption(Feb 18, 2010)
• Rogue PDFs account for 80% of all exploits, says researcher(Feb 17, 2010)
• NULL pointer errors are still common in Open Source software(Sep 24, 2009)