Language Selection

English French German Italian Portuguese Spanish

LinuxCon: Exploits Show Why Linux Is Vulnerable

Filed under
Linux
Security

There is a widely held belief that Linux is a completely secure operating system. But to Brad Spengler of the grsecurity project, the belief is far from accurate. And he has the kernel exploits to prove it.

Speaking at the Linux security summit during the Linux Foundation's LinuxCon conference here this week, Spengler described how his efforts have resulted in Linux becoming more hardened for security, even though his approach -- developing Linux kernel exploits -- may be viewed with suspicion by some.

For instance, he said he created a Linux kernel exploit system called Enlightenment that ultimately won him some negative interest from the U.S.'s National Security Agency (NSA). According to Spengler, Enlightenment can disable Linux access control policy, including features such as Security-Enhanced Linux (SELinux) and AppArmor -- and in doing so, proves an important point, he said.

Rest Here




More in Tux Machines

Leftovers: Gaming

Leftovers: Software

today's howtos

ACPI, kernels and contracts with firmware

This ends up being a pain in the neck in the x86 world, but it could be much worse. Way back in 2008 I wrote something about why the Linux kernel reports itself to firmware as "Windows" but refuses to identify itself as Linux. The short version is that "Linux" doesn't actually identify the behaviour of the kernel in a meaningful way. "Linux" doesn't tell you whether the kernel can deal with buffers being passed when the spec says it should be a package. "Linux" doesn't tell you whether the OS knows how to deal with an HPET. "Linux" doesn't tell you whether the OS can reinitialise graphics hardware. Read more