mohd fayzal wrote:
> i'm a final year student in a quest to find an interesting yet do-able
> final year project, one area i like to dive into is understanding the
> inner working of kernels, therefore i thought abt comparing various
> linux distro's in particular its security, so i'm gonna do a
> comparison between bastille, engarde, and SE linux. Now my question is
> ... does lsm really is the base modulle for all these distro's.
Misconceptions galore:
* Bastille is a security-enhancing package that you add to distros,
and not a distro itself.
* EnGarde is a distro, but contains no original security features.
It is mainly LIDS with a web GUI. LIDS, in turn, was originally a
kernel patch, and now has an LSM version.
* SELinux is not a distro either. It was originally a kernel patch,
and is now an LSM module, and associated user-level tools.
Secure distros would be EnGarde (uses LIDS, may or may not be on the LSM
version), Immunix (uses LSM for the SubDomain feature), and Trusted
Debian (does not use LSM, it uses RSBAC instead).
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
Immunix 7.3 http://www.immunix.com/shop/
This archive was generated by hypermail 2b30 : Thu Feb 19 2004 - 00:28:36 PST