Linux Kernel Security Enhancements

This document discusses security enhancements that can be made to the Linux kernel. It notes that the Linux kernel is increasingly being used in critical systems but lacks some basic security features of specialized operating systems. It proposes designing a security architecture with features like buffer overflow protection, access controls, logging, and encryption support. Specific projects mentioned are NSA SELinux, LIDS, and grsecurity, which implement access controls and restrictions. FreeS/WAN and CryptoAPI are mentioned as ways to add encryption for communications and stored data. The document indicates that a report will be published providing more details on these security enhancements and the results of combining some in a single kernel.

Uploaded by

Shihab Sam
Copyright
© Attribution Non-Commercial (BY-NC)

Linux-kernel security enhancements

Karri Huhtanen <[email protected]>

Why?

Linux is used more and more in network appliances, routers and other critical systems. Critical systems like these often cannot be upgraded and rebooted instantly when a new security hole and its fix are found. A plain vanilla Linux kernel and system is very vulnerable compared to specialized router operating systems because it offers only the basic Unix kernel security features.

The plain vanilla Linux kernel has no encryption support for securing communications or data (at least not yet)
Thus there is a need for a hardened Linux kernel and security enhancements

How?

Designed security architecture needed; just closing security holes is not the solution
Buffer overflow & memory protection/restrictions, sandboxes for services, processes and users
Resource restrictions/limitations within kernel or outside (e.g. fork bomb protection, firewall rules that limit the number of open connections etc.)
Mandatory Access Controls (root has too much power), subject/object model based access control
Logging, traceability of actions, integrity checks
Hiding existence i.e. network transparency
Communications / data encryption support (e.g. IPSEC stack, filesystem encryption)
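
An added example (not from the presentation) of the "resource restrictions" item applied outside any kernel patch: a per-user process cap set with the standard setrlimit(2) call, the usual userspace fork bomb protection. The function names are hypothetical. The kernel does not enforce RLIMIT_NPROC for root or for processes holding CAP_SYS_RESOURCE or CAP_SYS_ADMIN, which is one concrete form of the "root has too much power" point above.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Lower RLIMIT_NPROC (soft and hard) to `cap`; descendants inherit it and an
   unprivileged process cannot raise the hard limit again. 0 on success. */
int cap_nproc(rlim_t cap)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NPROC, &rl) != 0)
        return -1;
    if (cap > rl.rlim_max)          /* never try to exceed the current hard limit */
        cap = rl.rlim_max;
    rl.rlim_cur = rl.rlim_max = cap;
    return setrlimit(RLIMIT_NPROC, &rl);
}

/* In a throwaway child: apply the cap, then attempt `attempts` forks.
   Returns how many succeeded (0..attempts), or -1 on error. */
int forks_allowed_under_cap(rlim_t cap, int attempts)
{
    if (attempts < 0 || attempts > 100)   /* count travels in the exit status */
        return -1;
    pid_t child = fork();
    if (child < 0) return -1;
    if (child == 0) {
        pid_t kids[100];
        int ok = 0;
        if (cap_nproc(cap) != 0) _exit(255);
        for (int i = 0; i < attempts; i++) {
            pid_t p = fork();
            if (p == 0) { pause(); _exit(0); }  /* hold one process slot */
            if (p < 0) break;                   /* typically EAGAIN: per-user limit reached */
            kids[ok++] = p;
        }
        for (int i = 0; i < ok; i++) { kill(kids[i], SIGKILL); waitpid(kids[i], NULL, 0); }
        _exit(ok);
    }
    int status;
    if (waitpid(child, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

int main(void) { printf("forks allowed under cap 4: %d of 8\n", forks_allowed_under_cap(4, 8)); return 0; }
```

Run as an ordinary user, the count stops short of 8 because the cap covers every process that user already owns; run as root, all 8 forks succeed.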

Integrity and Access Control

NSA Security-Enhanced Linux (www.nsa.gov/selinux/)

A result of several NSA security research projects, from design to implementation approach
"Security-enhanced Linux is only a research prototype that is intended to demonstrate mandatory controls in a modern operating system like Linux and thus is very unlikely to meet any interesting definition of secure system." -- NSA SELinux FAQ
A starting point and a theoretical model for future kernel development and Linux Security Module work (http://lsm.immunix.org/)

LIDS (www.lids.org)

Root has too much power.
Access Control List implementation patch for Linux kernel
File/process protection and capabilities control
An open source community's equivalent of NSA SELinux?

grsecurity (www.grsecurity.net)

A large collection of security enhancement patches for the Linux kernel
Buffer overflow/memory protections, ACLs for files/sockets/consoles/processes/whatever, logging, resource restrictions/limits, network invisibility/OS signature hiding etc.

Communications and Data Encryption

FreeS/WAN IPSEC stack:

WWW site: www.freeswan.org
X.509 certificate support: www.strongsec.com/freeswan/
The leading free open source Linux IPSEC stack; commercial IPSEC stacks for network appliance developers are available from, for example, SSH Communications, SecGo, (FSecure?)
Advantages: free, open source, available for all, (cheap), interoperable
Disadvantages: no management software, only 3DES encryption, limited support for hardware encryption and modern IP technologies

International Crypto API for GNU/Linux:

WWW site: sourceforge.net/projects/cryptoapi/
Provides kernel modules for creating encrypted loopback devices to encrypt, for example, your home partition
Based on the international crypto patch for GNU/Linux
Advantages: free, open source, available for all, cheap, several encryption algorithms implemented (blowfish, AES etc.)
Disadvantages: documentation, encryption of whole disk/swap is not possible

About this presentation and report

This presentation will soon be added in several formats at: iki.fi/khuhtanen/interests/security/
The report, which presents these security enhancements in detail, will be published on the same web page.
The report will also most likely contain a report of the practical experiment where some or all of the presented security enhancements are combined in a single kernel.
The success or failure of this experiment, as well as the successful/failing combination, is documented in the report.
Questions? Suggestions of things to note in the report?
