Language Selection

English French German Italian Portuguese Spanish

Overview of Linux Kernel Security Features

Filed under
Linux

In this article, we'll take a high-level look at the security features of the Linux kernel. We'll start with a brief overview of traditional Unix security, and the rationale for extending that for Linux, then we'll discuss the Linux security extensions.

Unix Security – Discretionary Access Control

Linux was initially developed as a clone of the Unix operating system in the early 1990s. As such, it inherits the core Unix security model—a form of Discretionary Access Control (DAC). The security features of the Linux kernel have evolved significantly to meet modern requirements, although Unix DAC remains as the core model.

Briefly, Unix DAC allows the owner of an object (such as a file) to set the security policy for that object—which is why it's called a discretionary scheme. As a user, you can, for example, create a new file in your home directory and decide who else may read or write the file. This policy is implemented as permission bits attached to the file's inode, which may be set by the owner of the file. Permissions for accessing the file, such as read and write, may be set separately for the owner, a specific group, and other (i.e. everyone else). This is a relatively simple form of access control lists (ACLs).

rest here




More in Tux Machines

today's howtos

GNU nano 2.9.7 was released

Accumulated changes over the last five releases include: the ability to bind a key to a string (text and/or escape sequences), a default color of bright white on red for error messages, an improvement to the way the Scroll-Up and Scroll-Down commands work, and the new --afterends option to make Ctrl+Right (next word) stop at the end of a word instead of at the beginning. Check it out. Read more

Red Hat and Fedora News

Games: Cities: Skylines - Parklife, Descenders, WolfenDoom: Blade of Agony, Stoneshard

  • Cities: Skylines - Parklife launches this Thursday, get the main game super cheap on Humble Store
    With the release of Cities: Skylines - Parklife on Thursday, it's going to expand the already great city builder with some fun new features. For those who don't have Cities: Skylines yet, it has a massive sale on Humble Store with 75% off.
  • Extreme downhill free-riding game 'Descenders' just had a huge update, needs a quick fix on Linux
    Descenders is an extreme downhill free-riding game currently in Early Access and their first major update just went live. I've been quite a big fan of it, as it showed a massive amount of promise at the initial release. I held off on covering this update right away, since the released version of the update broke the 64bit Linux version. Nearly a week later and no fix, so here's how you can fix it manually: Right click on it in your Steam library and go to properties, then hit the Local Files tab up the top and press Browse Local Files… once there, open the Descenders_Data folder, go into the Plugins folder and delete "libfmod.so".
  • WolfenDoom - Blade of Agony is looking for AMD testers
    The GZDoom-powered FPS total conversion WolfenDoom: Blade of Agony [Official Site] is pushing on with development of Chapter 3: The Clash of Faith.
  • Open-world roguelike RPG 'Stoneshard' will have Linux support, nearly hit the Kickstarter goal
    Stoneshard [Official Site] is a pretty good sounding open-world RPG, it's currently on Kickstarter with a promise of Linux support and they've nearly hit their goal. With 26 days left to go, they've hit $28K of their $30K goal, so it looks like they will manage it easily. Inspired by the likes of Diablo, ADOM, Darkest Dungeon and more, they have a lot to live up to in terms of their inspiration. What makes it sound quite interesting, is the survival elements you heal to deal with like diseases, broken bones, mental health and more.