Adamantix 1.1.0-pre15 review

Download
by rbytes.net on

Adamantix project aims to become a highly secure but usable Linux distribution

License: GPL (GNU General Public License)
File size: 299096K
Developer: Adamantix Team
0 stars award from rbytes.net

Adamantix project aims to become a highly secure but usable Linux distribution. A standard Linux distribution is not very secure, despite the fact that it may be more secure than other operating systems.

The underlying problem is that most of Linux as we know it today was designed for speed and features, but not for security. Adding security to a system which is not designed to be secure will not solve most of the current and future problems.

This means that the whole system needs to be redesigned from the ground up to make it really secure. And that is what the Adamantix project is going to accomplish.

Adamantix v1.0 (known as Trusted Debian v1.0 back then) was the first Linux distribution to integrate support for PaX and SSP (Stack Smashing Protector, aka. Propolice). PaX is a kernel patch which protects against a number of buffer overflows and other memory corruption attacks. SSP is a GCC patch which provides protection of the stack, which makes stack overflows harder to exploit.

Currently work is going on to integrate RSBAC support in Adamantix. RSBAC is a kernel patch which provides a flexible and extensible security framework. This framework is very powerful and can be used to implement almost any security feature. A number of modules which use this framework have been implemented on top of it, such as:

An improved chroot (jail) module
On-access virus scanning module
Linux capabilities management module
Linux resource management module
User ID changing management module
Role based access module
Access Control Lists (ACLs) module
And others.

All these modules can be combined to form a whole which is greater than the sum of the individual modules. In the future the number of modules is likely to grow, including modules for gr-security RBAC and SELinux, to provide backwards compatibility for legacy systems. RSBAC is a toolkit, in the same spirit as Linux is a toolkit.

It takes quite some time to learn and understand RSBAC, just like learning Linux takes quite some time. But this time is well invested and will give similar rewards as learning Linux.

Adamantix 1.1.0-pre15 search tags