Article Title: Linux security?
Computer system and information security is a problem that the information society must solve. The emergence of a large number of Internet applications has made this problem more prominent. Recently, with the incidents of the PIII serial number and the backdoor key in the Microsoft operating system, we have come to realize that information security is "important and urgent". Academician Shen Changxiang, who is engaged in research in the field of computer security, pointed out: "Information security assurance capability is an important part of comprehensive national strength, economic competitiveness, and viability in the 21st century; it is the commanding heights of the world at the turn of the century."
As we all know, most of our computer and network systems, from hardware to software, are foreign products, including some related security products. Many products are designed with backdoors for product testing. There may also be design defects and potential security traps. All of these are like the ant holes that bring down a thousand-mile dike. I remember the story in which country A used local building materials to build its embassy in country B and then found a large number of eavesdropping devices in the building; in the end, it had to rebuild at any cost using its own workers and construction materials. Therefore, we must use our own products in security systems and make information security a Chinese brand.
Computer system and information security can be divided into two aspects: security technology and cryptographic technology. Specifically, the key to security technology lies in the operating system, the CPU, and so on. However, we do not have our own operating system and CPU, and we will not have them in the short term, but we should eventually have them; I think this should be considered at a strategic level. Fortunately, the emergence of Linux provides both opportunities and challenges for establishing a secure and autonomous operating system in China. Developing an operating system with independent copyright has great economic and social benefits, and I believe that security must be put first.
Is exposed source code insecure?
Linux is a free and open operating system. Its initial design goal was not to be a secure operating system, so Linux has some security shortcomings, vulnerabilities and backdoors. As for operating system security, apart from Windows NT being rated at level C2 of the US security standard, it is hard to define in other terms, and the same is true for Linux. Currently, many discussions of computer system security are not about the operating system but about application software or protocols, such as MIME in Sendmail and the security of TCP/IP. Here we only briefly introduce several main issues in the Linux kernel, in order to point out several aspects that need attention when establishing a secure and autonomous operating system.
Linux is free software and its source code is open. Some people think this is a source of insecurity. It is not. First of all, openness is precisely a security property that a closed, black-box operating system lacks: users can understand the system in depth and quickly fix the problems they discover, without waiting for software patches and upgrades. Second, in security research on cryptographic algorithms, the premise is that the algorithm is public, that is, the attacker is assumed to know it; algorithms whose details must be kept secret have no value for study or use.
Is Linux insecure?
The first problem in Linux is that a boot disk can be used to start the computer, or LILO can be used to enter single-user mode, so that root privileges are obtained without the root password. Many Linux articles present this as the solution for a forgotten root password. It is a big security issue because it makes the root password meaningless.
The second is the Linux password. Linux stores the result of a one-way hash of the user's password in plain text. Combined with users choosing easy-to-remember passwords and other factors, this makes dictionary attacks easy. At the same time, when a user logs on to the system remotely, the password is transmitted in plaintext, which is easy to eavesdrop on. Currently, Linux distributions use shadow technology: the password is first padded and then run through the one-way hash, and the result is stored in a file accessible only to root. The padding data is a pseudo-random number (a salt). This improves password security. However, cryptographic research shows that using symmetric or hash algorithms alone is not enough to form a secure password authentication scheme.
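The salting idea described above, as an added example (not code from the original article): the password is combined with a random salt before the one-way hash, so two users with the same password no longer share a stored value. It uses PBKDF2 from Python's hashlib as a stand-in, not the crypt(3) format of real shadow files; the record layout, function names and sample accounts are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Set

ITERATIONS = 100_000  # assumed work factor for this illustration


def unsalted_record(password: str) -> str:
    """Bare one-way hash: identical passwords give identical records."""
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Combine the password with a pseudo-random salt, hash, store salt and digest."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, digest_hex = record.split("$")
    salt = bytes.fromhex(salt_hex)
    candidate = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate.hex(), digest_hex)


def shared_hashes(records: Dict[str, str]) -> List[Set[str]]:
    """Group accounts whose stored records are byte-identical."""
    by_record: Dict[str, Set[str]] = {}
    for user, rec in records.items():
        by_record.setdefault(rec, set()).add(user)
    return [users for users in by_record.values() if len(users) > 1]


# Constructed sample: two users who picked the same easy-to-remember password.
SAMPLE = {"alice": "sunshine", "bob": "sunshine", "carol": "x9!Lq#27vT"}

if __name__ == "__main__":
    plain = {u: unsalted_record(p) for u, p in SAMPLE.items()}
    salted = {u: make_record(p) for u, p in SAMPLE.items()}
    print("unsalted, accounts sharing a hash:", shared_hashes(plain))
    print("salted, accounts sharing a hash:  ", shared_hashes(salted))
    print("alice verifies:", verify("sunshine", salted["alice"]))
```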
Third, the SETUID problem. SETUID exists so that programs run by ordinary users can temporarily obtain root privilege during execution when they need it, and this is also a security risk. A hacker who has root permission at some point can set the SETUID bit on his or her own program. Later, the hacker can log on as an ordinary user and run that program, which is highly concealed and hard to detect.
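One way to detect the hidden SETUID program described above, added here as an example and not taken from the original article: record the set of SETUID files on a trusted system and report anything that appears or changes later. The function names and the temporary-directory scenario are assumptions made for the demonstration.

```python
import os
import stat
import tempfile


def find_setuid(root: str) -> dict:
    """Return {path: (owner_uid, mode)} for regular files with the SETUID bit."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                found[path] = (st.st_uid, stat.S_IMODE(st.st_mode))
    return found


def diff_against_baseline(current: dict, baseline: dict) -> dict:
    """Report SETUID files that are new, changed (owner or mode), or gone."""
    return {
        "new": sorted(p for p in current if p not in baseline),
        "changed": sorted(
            p for p in current if p in baseline and current[p] != baseline[p]
        ),
        "removed": sorted(p for p in baseline if p not in current),
    }


def demo() -> dict:
    """Constructed scenario: one known SETUID file, one that gains the bit later."""
    with tempfile.TemporaryDirectory() as root:
        known = os.path.join(root, "known-tool")
        extra = os.path.join(root, "dropped-later")
        for path in (known, extra):
            with open(path, "w") as fh:
                fh.write("placeholder\n")
        os.chmod(known, 0o4755)
        baseline = find_setuid(root)   # snapshot taken while the system is trusted
        os.chmod(extra, 0o4755)        # the SETUID bit appears afterwards
        report = diff_against_baseline(find_setuid(root), baseline)
        return {k: [os.path.basename(p) for p in v] for k, v in report.items()}


if __name__ == "__main__":
    print(demo())
```

On a real system the baseline would be stored off-host or read-only, since anyone with root access can rewrite a local copy.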
Fourth, the buffer overflow problem. A buffer overflow occurs when the input data exceeds the allocated storage space and the system does not handle the situation directly. A buffer overflow may cause the program to exit, data loss, and other unpredictable results. Buffer overflows arise because C and C++ compilers do not check for buffer overruns or out-of-bounds pointers. If the overflow occurs on an executable stack, it overwrites the program's original execution information on the stack, causing the system to execute the wrong instructions. Therefore, when a hacker program can deliberately arrange a stack overflow, the system may execute the hacker program instead. The hacker program obtains the privileges of the program being executed (usually root privilege), and the system is damaged or out of control.
Fifth, computer viruses and Trojan horse programs. Nowadays, computer viruses and Trojan horse programs on the PC platform keep emerging and their destructive power is increasing. People cannot defend against them. There are not many viruses on Unix/Linux, however, which is closely related to the operating system's mechanisms and also to the fact that Unix/Linux is less widespread. Still, Linux has problems such as SETUID and buffer overflow, which provide an entrance for computer viruses and Trojan horses.
In addition, there are other problems in specific operations and settings, which are not listed here.
How to ensure Linux security?
To address these security issues in Linux, pay attention to the following points when building a secure and autonomous operating system. First, the system boot problem: the user's identity must be authenticated. Second, the password mechanism: we should study secure password authentication schemes that incorporate public-key cryptographic algorithms. Third, Linux implements process management and scheduling in a simple way, which is not sufficient for security and for complex tasks; better solutions for file permissions, process management, and execution permission management are needed. To solve the buffer overflow problem, on the one hand the compiler should check strictly, and on the other hand dynamic solutions should be sought to keep control of the system and minimize losses.
At the same time, I believe that a secure operating system should have a certain ability to resist viruses and Trojan horses. When designing the operating system kernel, we should incorporate anti-virus technology so that the system is fundamentally immune.
The emergence of Linux provides both opportunities and challenges for establishing a secure and autonomous operating system in China. But is Linux insecure? Where is it secure? Where is it insecure? How can we build on its strengths and avoid its weaknesses when developing Linux in China? Readers are welcome to join a broad and in-depth discussion of Linux security issues.