Hardening linux [howto?]
jet at sonic.net
Thu Jun 13 19:21:08 PDT 2002
Check out LIDS, http://www.lids.org
What is LIDS
* A kernel patch and admin tool to enhance the linux kernel security
* Implementation of reference monitor in kernel
* Mandatory Access Control in the kernel
* An active project with many helpful hackers.
What are the features
* Protection of files, No one including root can modify the lids-protected
files. File can be hidden.
* Protection of process, No one including root can kill the protected
process. Process can be hidden.
* Fine-granulate Access Control with ACLs.
* Use and extend capability to control the whole system.
* Security alert from the kernel.
* Port scanner detector in kernel.
On 13 Jun 2002, error wrote:
> I am looking to do process, disk and memory quotas on a per user basis.
> I have searched around and I can find nothing on process and memory
> Do any of you have any idea how one could go about setting up process
> and/or memory quotas?
> Also, how would one go about locking down the wtmp file? I would like it
> so the user can only see them self logged in (ie all other processes are
> hidden to them, even root)
> I know this can be done in freebsd, but I have yet to see it done in
> The flavor I am using for this box is redhat 7.2
More information about the talk