Kernel Security for 2.8 - Kernel Summit 2004

1,031 views
965 views

Published on

"Kernel Security for 2.8", presentation given at the Linux Kernel Summit in Ottawa in 2004.

Note that this was when we were still expecting to have versions 2.7/2.8.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,031
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Kernel Security for 2.8 - Kernel Summit 2004

  1. 1. Kernel Security for 2.8 Linux Kernel Summit Ottawa 2004 James Morris, Red Hat
  2. 2. Current Status Several security features in 2.6: ● LSM ● Crypto API (software) ● Cryptoloop ● dm-crypt ● IPSec ● SELinux (MAC, RBAC) ● NX ● Audit Framework ● Syscall Auditing Discussion?
  3. 3. Potential Future Directions (2.7+) ● SELinux: ● MLS (multilevel security) ● Labeled networking ● Integration with resource management ● NFSv4 integration ● Virtualization: ● Increased isolation ● Polyinstantiation ● Hardware Crypto API ● Kernel keyring management ● More LSM applications? ● Continued refinement of Netfilter ● Signed modules (2.6?) ● Signed binaries ● Exec-shield (2.6?) ● TPM ● LT ● Better capabilities (Chris Wright) ● Separate out DAC (Chris Wright)

×