Projects

From Linux Kernel Security Subsystem
(Difference between revisions)
Jump to: navigation, search
(Access Control)
(Integrity)
Line 16: Line 16:
 
This is a rapidly developing area, see the following LWN article for an overview:
 
This is a rapidly developing area, see the following LWN article for an overview:
  
* System integrity in Linux.
+
* [http://lwn.net/Articles/309441/ System integrity in Linux]
 
+
  
 
=== Privileges ===
 
=== Privileges ===

Revision as of 15:02, 9 April 2012

Contents

Kernel Security Projects

Access Control

Integrity

This is a rapidly developing area, see the following LWN article for an overview:

Privileges

  • POSIX File Capabilities
    • Filesystem capabilities in Fedora 10 LWN article.


Networking

There are several separately maintained projects relating to network security, including:

  • Netfilter packet filtering.
  • Labeled Networking, including NetLabel, CIPSO, Labeled IPsec and SECMARK, see Paul Moore's blog.
  • NuFW authenticating firewall based on netfilter


Storage

  • Labeled NFS, a project to add MAC labeling support to the NFSv4 protocol.


Cryptography

The cryptographic subsystem is maintained separately by Herbert Xu, refer to the mailing list.

Personal tools
Namespaces

Variants
Actions
Navigation
Tools