The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
|Tags||Security Operating System Kernels Linux|
Release Notes: Upgraded to Linux 2.6.21. Minor capability syntax changes.
Release Notes: This version fixed a security bug when checking the "LD_" exploit , enhanced lids hooks to support capability-enable applications, and enhanced the Kconfig to make LIDS visible when other modules are marked as modules.
Release Notes: This version added support for the x86_64 platform, was enhanced to prevent /etc/lids/ from being read by normal users, and fixed a filp_open bug. Major cleanups were made with regard to spelling and formatting.
Release Notes: This release updates the Kconfig to make the LIDS kernel options configuration easier, and is upgraded to use kernel 2.6.11.
Release Notes: This version fixed a bug that prevented it from working with Fedora Core 3 by enhancing the the boot loading hooks. It also fixed a minor compiling warning in lids_sysctl.c and a segment fault error in lidstools.