Hardening linux [howto?]

Mark Street jet at sonic.net
Thu Jun 13 19:21:08 PDT 2002

Check out LIDS, http://www.lids.org

 What is LIDS

* A kernel patch and admin tool to enhance the linux kernel security
* Implementation of reference monitor in kernel
* Mandatory Access Control in the kernel
* An active project with many helpful hackers.

What are the features

* Protection of files, No one including root can modify the lids-protected
files. File can be hidden.
* Protection of process, No one including root can kill the protected
process. Process can be hidden.
* Fine-granulate Access Control with ACLs.
* Use and extend capability to control the whole system.
* Security alert from the kernel.
* Port scanner detector in kernel.


On 13 Jun 2002, error wrote:

> Hello,
> I am looking to do process, disk and memory quotas on a per user basis.
> I have searched around and I can find nothing on process and memory
> quotas.
> Do any of you have any idea how one could go about setting up process
> and/or memory quotas?
> Also, how would one go about locking down the wtmp file? I would like it
> so the user can only see them self logged in (ie all other processes are
> hidden to them, even root)
> I know this can be done in freebsd, but I have yet to see it done in
> linux.
> The flavor I am using for this box is redhat 7.2
> Thanks.
> -
> Jake

More information about the talk mailing list