Calsoft Blog

LSM Module: OS Security is a chronic and growing problem: as more systems (and more money) go on line, the motivation to attack rises. Linux is not immune to this either. Hence was introduced LSM that provides a general kernel framework to support security modules in Linux. The LSM is the Linux security framework that allows 3 rd party access control mechanisms to be linked into the GNU / Linux kernel.  Currently there are two 3 rd party services that utilize the LSM: SELinux and SMACK (Simplified Mandatory Access Control Kernel) that both provide mandatory access control services.   At Calsoft, we helped one of our customers with porting of Lustre file system to SELinux. This involved submission of the patch for Lustre server to enable it to run in SELinux environment. To read our success stories please click here. The basic idea behind the LSM is to : Insert security function calls (or hooks) and security data structures in the various kernel services to al...