“In the Slovak language, “medusa” means “jellyfish”. Like
jellyfish, Medusa can sting an enemy with its tentacles. In Greek
mythology, Medusa was one of three Gorgons’ sisters. Anybody who
got a glimpse of her face became petrified. Medusa is a security
system which can extend the overall security of your Linux system.
Medusa consists of two parts. The first is a set of small patches
to the Linux kernel, and the second is a user-space security daemon
(authorization server) called Constable. “
“You may ask, “Why do I need a security system such as
Medusa?” The answer depends on many factors. If you have a machine
at home, you’ll probably not need it. If you have a well-known and
frequently used Internet server, you may have use for it. Why?
Because the UNIX security scheme seems to be insufficient nowadays.
Yes, it’s really simple (like the whole UNIX principle), but it has
many limitations. Just to mention two of them: you have no system
rights at all as an ordinary user, and all rights to the whole
system as root. So, when somebody breaks in using any network
daemon, he can do anything he likes inside, e.g., graphics
subsystem or low-level disk operations.”
“The basic idea behind Medusa is really simple. Before
execution of certain operations, the kernel asks the authorization
server (Constable) for confirmation. The authorization server then
permits, forbids or changes the operation. The authorization
server and kernel talk to each other through the special device:
/dev/medusa. In this way, an administrator can create his own
security model, which can complete or override the original UNIX
model. I have told you the principle is simple; however, the
actual implementation is a bit complicated.”