Security Innovation's Microsoft/Linux web server security study

Posted Mar 23, 2005 20:13 UTC (Wed) by bluefoxicy (guest, #25366)
Parent article: Security Innovation's Microsoft/Linux web server security study

Red Hat is the ass of Linux. I don't know why they can't meter us against someone like Novell, who isn't a Microsoft-style "We own most of our market so we can do whatever we want" pile of crap.

I'm sure many distributions have dedicated security teams, although I can say first-hand that Gentoo has a very active security crew who not only gets patches out as soon as a vuln is known-- sometimes before upstream-- but also researches the integration of PaX, GrSecurity, mandatory access control, stack smash protection, and anything else feasible (meaning easy to deploy and not terribly expensive in terms of space or performance overhead) to use so that new security flaws are "already taken care of."

Ubuntu Linux may hopefully be going the proactive route, which seems very evident as per the official formation of Hardened Ubuntu by the Ubuntu Linux security team and the Hardened Debian team. This would negate a large portion (approximately 80%?) of security notices in whole or in part.

Note that the Hardened Debian team was created to bring the advances in Hardened Gentoo to the Debian world; and these guys all also communicate directly with the Adamantix team, The PaX Team, and in some cases the GrSecurity team. They also all use SELinux and/or RSBAC for MAC as well as GrSecurity.


Security Innovation's Microsoft/Linux web server security study

Posted Mar 23, 2005 20:30 UTC (Wed) by tzafrir (subscriber, #11501)

SELinux, you mean the one whose integration caused so much grief to Fedora users? Already in RHEL4.

As for PaX: Any news following http://lwn.net/Articles/126986/ ?

Security Innovation's Microsoft/Linux web server security study

Posted Mar 23, 2005 22:03 UTC (Wed) by bluefoxicy (guest, #25366)

Yeah, that hole is fixed in 2.6.11 PaX. As for the future, PaX is probably going to be handed off to Brad Spengler, the GrSecurity lead; though anyone who wants to help is quite welcome to come help. As it stands now, the PaX team is still actively working on PaX, going to hand it off April 1.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds