Compartmentalized computing with CLIP OS

The design of CLIP OS 5 includes three elements: a bootloader, a core system, and the cages. The system uses secure boot with signed binaries. Previous versions supported only the x86 architecture, and no other architectures are planned for now. The core system is based on Hardened Gentoo. Finally, the cages provide user sessions, with applications and documents.

Processes running in separate cages cannot communicate directly. Instead, they must pass messages using special services on the core system; these services are unprivileged and confined on the cage system, but privileged on the core. These communication paths are shown in this architecture diagram from the documentation. Cages are also isolated from the core system itself: all interactions (system calls, for example) are checked and go through mediation services. Isolation between applications will use containers, and the team plans to use the Flatpak format. The details of the CLIP OS 5 implementation are not available yet, as this feature is planned for the stable release.
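The mediated cage-to-cage path described above can be modelled in a few lines. This is an added conceptual example, not CLIP OS code (the implementation details are not published); the class names, cage names, message kinds and size limit are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Cage:
    """A compartment; it holds no reference to any other cage."""
    name: str
    inbox: list = field(default_factory=list)


class CoreMediator:
    """Stand-in for the core-side service: the only path between cages."""

    MAX_LEN = 4096  # assumed payload limit (a content check besides routing)

    def __init__(self, policy):
        # policy: allowed (source cage, destination cage, message kind) flows
        self._policy = frozenset(policy)
        self._cages = {}
        self.audit = []  # every decision is recorded, allowed or denied

    def register(self, cage):
        self._cages[cage.name] = cage

    def send(self, src, dst, kind, payload: bytes) -> bool:
        """Deliver payload only if the flow is explicitly allowed (default deny)."""
        if src not in self._cages or dst not in self._cages:
            verdict = "deny:unknown-cage"
        elif (src, dst, kind) not in self._policy:
            verdict = "deny:no-rule"
        elif len(payload) > self.MAX_LEN:
            verdict = "deny:too-large"
        else:
            verdict = "allow"
            self._cages[dst].inbox.append((src, kind, payload))
        self.audit.append((src, dst, kind, verdict))
        return verdict == "allow"


def demo():
    """Constructed scenario: one cage may push files to another, never the reverse."""
    low, high = Cage("internet"), Cage("internal")
    core = CoreMediator({("internet", "internal", "file")})
    core.register(low)
    core.register(high)
    results = [core.send("internet", "internal", "file", b"sample bytes"),
               core.send("internal", "internet", "file", b"reply"),
               core.send("internet", "internal", "clipboard", b"text"),
               core.send("internet", "internal", "file", b"x" * 5000)]
    return results, high.inbox, low.inbox, core.audit
```

In a real mediator the sender identity would be derived from the channel the request arrived on rather than from a caller-supplied `src` argument, which a confined process could otherwise forge.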

A specific Linux security module (LSM) inspired by Linux-VServer will add further isolation between the cages, and between the cages and the core system. Linux-VServer is a virtual private server implementation designed for web hosting. It partitions a computer system into security contexts in terms of CPU time, memory, the filesystem, and network addressing. Starting and stopping a new virtual server corresponds to setting up and tearing down a security context.


Security: Polkit, CSP, Ansible and Router Hardening Checklist

  • Polkit CVE-2018-19788 vs. SELinux
  • Why is your site not using Content Security Policy / CSP?
    Yesterday, I had the pleasure of watching on Frikanalen the OWASP talk by Scott Helme titled "What We’ve Learned From Billions of Security Reports". I had not heard of the Content Security Policy standard nor its ability to "call home" when a browser detects a policy breach (I do not follow web page design development much these days), and found the talk very illuminating. The mechanism allows a web site owner to use HTTP headers to tell visitors' web browsers which sources (internal and external) are allowed to be used on the web site. Thus it becomes possible to enforce an "only local content" policy despite web designers' urge to fetch programs from random sites on the Internet, like the one enabling the attack reported by Scott Helme earlier this year.
  • Red Hat Ansible Playbooks Password Exposure Vulnerability [CVE-2018-16859]
    CVE-2018-16859. A vulnerability in Red Hat Ansible could allow a local attacker to discover plaintext passwords on a targeted system.
  • Router Hardening Checklist