Linux Today: Linux News On Internet Time.

More on LinuxToday

Q&A: Ubuntu 9.10 security

Nov 06, 2009, 07:34 (0 Talkback[s])
(Other stories by Mirko Zorz)


Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers

[ Thanks to An Anonymous Reader for this link. ]

"Modern CPUs allow regions of memory to be marked as "non-executable", like the stack and heap. This puts a stop to large classes of vulnerability exploits. For systems that do not have it (or do not run in 64bit mode), Ubuntu's kernel now includes a partial form of this, emulated in the kernel by way of memory segment limits.

"AppArmor saw several improvements this cycle, and had several more profiles created including ntpd, evince, and libvirt. Additionally, experimental profiles (available for testing) were created for Firefox and Apache. The libvirt integration provides even more isolation for virtual machines running under Ubuntu."

Complete Story

Related Stories: