Linux Kernel biztonság
grsecurity
RBAC, ACL
Random IPID
Process hiding
Chroot restrictions
TPE (trusted path execution)
Symlink restrictions
Policy Learning mode
http://www.grsecurity.org/
LIDS
Linux Intrusion Detection System
MAC (mandatory access control)
Trusted Domain Enforcement (TDE)
TPE (trusted path execution)
http://www.lids.org
SELinux
Security Enhanced Linux
NSA/DOD, RedHat, HP, IBM
Exec-Shield integráció
RBAC
User-space access vector cache
Policy Learning mode
http://www.nsa.gov/research/selinux/index.shtml
AppArmor
Novell
MAC
Policy Learning mode
Sub-process confinement: can confine individual PHP pages, mod_perl scripts, and Tomcat servlets
http://www.linux-magazine.com/w3/issue/69/AppArmor_vs_SELinux.pdf
http://forge.novell.com/modules/xfmod/project/?apparmor
RSBAC
Rule Set Based Access Control
MAC, ACL, stb...
PaX integráció
Secure delete
Process hiding
Filesystem hiding for files you have no access for
Symlink redirection
in kernel user management
on-access virus scanning
Policy Learning mode
http://www.rsbac.org/
smack
Simplified Mandatory Access Control Kernel for Linux
MAC
http://schaufler-ca.com/
következtetések
egyik megoldás sem "fájdalommentes"
mindegyik megoldásnak saját userspace kiegészítői vannak
egyik megoldás sem kompatibilis visszafelé (nem is lehet)
még nem tudni, melyik lesz a de facto standard