---

LinuxSecurity.com Interviews Secure Computing

[ Thanks to Dave
Wreski
for this link. ]

“In this interview, two principals from Secure Computing, Inc.
offer their thoughts on the state of Linux and security, its place
in the data center as a secure platform for business, and their
work with the National Security Agency to create a Type Enforced
version of Linux.”

“LinuxSecurity.com: Do you view Linux as being a viable platform
for developing security products?”

“Carr Biggerstaff: Linux is not only very important for us, but
we’ve been doing work on the Linux platform for some time now. The
only other comment I’d make is the thing that people need to
remember about Linux is that it represents not only a platform in
the traditional computing space, but also for embedded
systems….”

“And with type enforcement the same thing happens. We build
walls between the application and walls between the operating
system itself. So if a hostile user or more likely these days
malicious code gets in, causes a compromise in one subsystem, that
compromise can’t spill over into other subsystems. It’s very very
powerful. If a user manages to mount an HTTP overrun attack, or
a stack overrun attack of any sort, they can’t use that to break
out of the application they’re in and get down into the operating
system to gain root access to take over the entire system. We’ve
absolutely eliminated that….

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis