ECommerceTimes.com
Developer Raps Linux Security

A developer of security software for Linux had some harsh words yesterday for what he sees as a lax attitude toward security in the operating system's community.

"Linux is being presented by commercial vendors as a professional, enterprise-ready product," Brad Spengler, of grsecurity, said. "When it comes to security, I don't see it as either professional or enterprise-ready."

Spengler has gained notoriety recently through articles posted on the Web criticizing Linux security in general and in particular the Linux Security Module (LSM).

Speed Trumps Security

According to the programmer, Linux kernel developers don't take security seriously. "Linus [Torvalds] has told me personally that he is not interested in adding even the option of very useful security features that can help prevent buffer overflow exploitation because using some of these features would make applications load a small fraction slower," Spengler said.

His frustration that performance is often given priority over security is one shared by many security professionals in all areas of IT, not just the Linux realm.

"Given the current trend in IT, performance is always given top priority over security," Vincent Danen, security update manager for Mandrakesoft in Edmonton, Alberta, Canada, said. "I also think that in a number of cases, features are given priority over security. This isn't something specific to Linux. You see this everywhere."

Spengler also groused about the absence of an official security officer for the Linux kernel to whom communication could be directed privately and securely.

"What we are told to do currently is to e-mail vendor-sec, which is a large list of people involved with vendors that will handle security issues," he explained. "However, they cannot be trusted (just recently the uselib() exploit was leaked or stolen from vendor-sec) and they cannot be communicated with securely (they have no PGP key)," he told LinuxInsider via e-mail.

Blackhats Dance, Vendors Fiddle

While "blackhats" exploit stolen information from vendor-sec, vendors on the list sit on the vulnerabilities, he asserted. "What results is that the vulnerabilities are being exploited for weeks while Linux users as a whole are unaware that there is a vulnerability," he said.

Mandrakesoft's Danen, a member of vendor-sec, noted that the "leak" referred to by Spengler is still being investigated by the group. "We're thinking it's not necessarily a leak in vendor-sec," he said. "We think someone put a sniffer in front of one of the companies that was dealing with us on one particular vulnerability."

That company isn't part of vendor-sec, he explained, but it would be receiving copies of discussions about the vulnerability since it brought the problem to vendor-sec's attention.

LSM Loose Cannon

Spengler was also critical of LSM, which has been incorporated into version 2.6 of the Linux kernel. He characterized LSM as merely a way to allow the National Security Agency's SELinux to be used as a module. "The framework is unfit for any security system that does anything remotely innovative, such as grsecurity and RSBAC [Rule Set-Based Access Control]," he declared.

He contends that LSM provides many hooks deep into the inner workings of the kernel, which can be used just as easily by a rootkit (software an intruder installs to conceal their control of a compromised system) or other malware as by a legitimate security module. "The hooks LSM provides to rootkit authors were previously very difficult (or impossible) to obtain, so having LSM in the kernel, if unused by a security module that prevents rootkits, will result in new, advanced rootkits that will be nearly impossible to detect," he said.

Danen concurred with Spengler's analysis of LSM. "If I were building a 2.6 kernel, I would be disabling LSM," he said, "which means that I wouldn't be able to take advantage of technologies such as SELinux, but I don't really care. There are other alternatives that are just as good that don't require LSM."

"Some of this comes down to a matter of taste," averred Bill Weinberg, OS Architecture Specialist for Open Source Development Labs in Beaverton, Oregon. "They [grsecurity] have their own architecture that they would like to see in place, and [as] is so common in Open Source, they are critiquing the status quo in the open community, in the marketplace. Sometimes those discussions can become quite vociferous."


By John P. Mello Jr.