Projects

From Linux Kernel Security Subsystem
(Difference between revisions)
Jump to: navigation, search
(Kernel Security Projects)
(Access Control)
Line 4: Line 4:
  
 
* [http://vger.kernel.org/vger-lists.html#linux-security-module Linux Security Modules (LSM)], the API for access control frameworks  
 
* [http://vger.kernel.org/vger-lists.html#linux-security-module Linux Security Modules (LSM)], the API for access control frameworks  
 +
** Mailing list archive: http://kernsec.org/pipermail/linux-security-module-archive/
 
* [http://www.novell.com/linux/security/apparmor/ AppArmor], a pathname-based access control system  
 
* [http://www.novell.com/linux/security/apparmor/ AppArmor], a pathname-based access control system  
 
* [http://selinuxproject.org/page/Main_Page Security Enhanced Linux (SELinux)], a flexible and fine-grained MAC framework  
 
* [http://selinuxproject.org/page/Main_Page Security Enhanced Linux (SELinux)], a flexible and fine-grained MAC framework  

Revision as of 07:28, 9 August 2017

Contents

Kernel Security Projects

Access Control

Integrity

This is a rapidly developing area, see the following LWN article for an overview:

Privileges

Networking

There are several separately maintained projects relating to network security, including:

  • Netfilter packet filtering
  • Labeled Networking, including NetLabel, CIPSO, Labeled IPsec and SECMARK, see Paul Moore's blog
  • NuFW authenticating firewall based on Netfilter

Storage

  • Labeled NFS, a project to add MAC labeling support to the NFSv4 protocol
  • dm-verity, a device mapper target for efficient, integrity-assured block devices

Cryptography

The cryptographic subsystem is maintained separately by Herbert Xu, refer to the mailing list.

Working Group

Self Protection

Personal tools
Namespaces

Variants
Actions
Navigation
Tools