Language Selection

English French German Italian Portuguese Spanish

Overview of Linux Kernel Security Features

Filed under
Linux

In this article, we'll take a high-level look at the security features of the Linux kernel. We'll start with a brief overview of traditional Unix security, and the rationale for extending that for Linux, then we'll discuss the Linux security extensions.

Unix Security – Discretionary Access Control

Linux was initially developed as a clone of the Unix operating system in the early 1990s. As such, it inherits the core Unix security model—a form of Discretionary Access Control (DAC). The security features of the Linux kernel have evolved significantly to meet modern requirements, although Unix DAC remains as the core model.

Briefly, Unix DAC allows the owner of an object (such as a file) to set the security policy for that object—which is why it's called a discretionary scheme. As a user, you can, for example, create a new file in your home directory and decide who else may read or write the file. This policy is implemented as permission bits attached to the file's inode, which may be set by the owner of the file. Permissions for accessing the file, such as read and write, may be set separately for the owner, a specific group, and other (i.e. everyone else). This is a relatively simple form of access control lists (ACLs).

rest here




More in Tux Machines

OpenStack's Mission Is Total Victory

Marten Mickos, the incoming head of HP's cloud efforts, sets an audacious goal for the open-source cloud. When the OpenStack Silicon Valley conference schedule was first announced several months ago, Marten Mickos was best known as the CEO of Eucalyptus, which is a rival effort to OpenStack. Mickos' position is now set to change thanks to his company's acquisition by Hewlett-Packard, which was announced Sept. 11. Read more

Why the Convergent Desktop is So Important to Linux

There is one truth that all the Linux faithful hold near and dear to their hearts -- that Linux is a leader when it comes to innovation. No other platform has been able to stake that claim for such a long period of time. Even when a different platform unveils something new, many times that innovation can be traced back to Linux. One such technology is the convergent desktop. The idea behind the convergent desktop is simple -- a seamless transition from mobile to desktop (or laptop). This all started, for better or worse, with Ubuntu Edge. The idea behind Ubuntu Edge was brilliant: A high-end smartphone that, when plugged into a dock, would serve as a traditional desktop. Although the project ultimately failed (due to an inability to raise the $32 million dollars necessary to bring Ubuntu Edge to life), the idea stuck and now every platform is in a race to deliver the convergent desktop. Read more

Things to do after installing Kubuntu

Kubuntu has fully matured and stabilized and comes with the brand new KDE Plasma workspaces and other KDE technologies. Like any other operating system Kubuntu also needs a little bit of work to get it ready for you. There are a few things which are optional and I have added them here based on my own usage, you may not need them. Read more

LaKademy 2014

From August 27th to 30th, 2014, nearly sixteen KDE lovers met in the 2nd LaKademy - The KDE Latin America Summit. The sprint took place in the Free Software Competence Center (CCSL) at University of São Paulo (USP) in southeast Brazil. Read more