Past and present of Linux security

Article Title: Past and Present of Linux security. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Linux itself is not a secure operating system. This is because Linux was developed based on the Structure Design of UNIX, and UNIX developers were not very concerned about security issues-after all, it was in 1969.

"The first thing to face is the fact that UNIX developers have not considered security issues. This alone will lead to a large number of vulnerabilities, "Dennis Ritchie wrote in his paper on UNIX security in 1979.

Last Tuesday at con in Boston, James Morris, a Red Hat Linux kernel developer, talked about how Linux has evolved over the past decade to overcome its own security model limitations.

Morris pointed out that the problem was that at the end of the 1960s s when UNIX was born, everyone thought we could have flying cars now, but the fact was that we had Facebook. What we are doing with computers today may be the dream of people more than 40 years ago, even though we still rely on operating systems designed decades ago.

This is the challenge for Linux developers. To ensure Linux security, software engineers must insert security components around the Linux kernel, Morris said. The earliest security mechanism in Linux was unix dac, followed by POSIX, access control list, private and PID namespace, encryption, Linux security module, SELinux, Smack, TOMOYO, Apparmor, A similar list is still in progress.

However, with so many choices, users may feel confused. It is a bit like entering a "Cool Stone" ice cream shop, and you will be overwhelmed by a long string of recipes and ice cream tastes. It is better to choose from the recipes you have prepared, or simply pick up the Cherry Garcia directly from the grocery store nearby.

Dazzling Linux Security Options

Numerous Linux security options not only impede the development of security technology, but also make it difficult to establish secure Linux servers and workstations. For example, a user or system administrator has to decide whether to enable Smack, TOMOYO, SELinux, or Apparmor. Making such a decision is not as simple as you think, because many of these technologies solve similar problems, but their processing methods are slightly different. For example, Novell developed AppArmor for its SUSE Linux Enterprise Server, which is a competitor of SELinux. Novell released a comparison of the two technologies on its AppArmor website. The result is that Apparmor has a simpler configuration file format (Note: many users have always considered SELinux's security-level settings very troublesome, and some even reported that SELinux may cause security problems, therefore, many tutorials teach you how to disable SELinux ).

We have not discussed network security, Storage Security, and malware prevention. This involves setting a firewall for packet filtering. As for blocking malware, there are currently several projects in different stages of development, such as fsnoop, TALPA, and DazukoFS.

Morris also said the biggest problem was "making people aware that security measures are necessary ."

"This is not like a seat belt ." "We cannot allow law to restrict Secure Linux servers and workstations. We must convince people that this is good for them ."

Linux security mechanism transparency

Therefore, we need to make security options as transparent as possible, rather than making the vast majority of Linux users struggling with numerous security options, Morris said.

Transparency is one of the goals of AppArmor. "AppArmor is designed to be highly transparent to application software," said Tony Jones of SUSE. "If you add AppArmor to a work system, You need to develop the AppArmor configuration file, but you don't need to change your application. If you remove AppArmor from a running system, the system will continue to run as before, but there is no Apparmor security protection ."

Although SELinux configuration files are more troublesome than Apparmor, transparency is also one of its goals. "The Linux security module (LSM) inserted by SELinux can process access requests from the network core layer for multiple common network applications," said the red hat. SELinux-based security systems do not require additional management for these applications. In addition, it is completely transparent to users and applications ."

The advantage of increasing transparency is that it can reduce human security threats. Like water, people like to find a path without obstacles. If the system administrator needs to write tedious configuration files and pages to set up a secure system, many of them may be easily discouraged.

"Security is ultimately a human problem," said Bruce Schneier, a security expert.