Linux安全技术

2019年2月13日 0 条评论 929 次阅读 1 人点赞

Linux安全相关技术:

  • Audit
  • SELinux
  • AppArmor
  • OpenSSL
  • TPM
  • SGX
  • LSM

Linux上六种常用的安全加固技术:

1、安全的编码(Secure Code),减少编写的错误。

2、应用层漏洞缓解技术(Application-level exploitation)(SSP,relro)

3、系统级漏洞缓解技术(System-level exploit mitigation)(ASLR,NX),

4、降权处理(Privilege Dropping)(Sandboxing)

5、强制访问控制(Mandatory access control)(MAC,SELinux)

6、更新策略(Update strategy)

feature

SELinux

AppArmor

grsecurity

Automated

No (audit2allow and system-config-selinux)

Yes (Yast wizard)

Yes (auto traning / gradm)

Powerful policy setup

Yes (very complex)

Yes

Yes

Default and recommended integration

CentOS / RedHat / Debian

Suse / OpenSuse

Any Linux distribution

Training and vendor support

Yes (Redhat)

Yes (Novell)

No (community forum and lists)

Recommend for

Advanced user

New / advanced user

New users

Feature

Pathname based system does not require labelling or relabelling filesystem

Attaches labels to all files, processes and objects

A

管理员

这个人太懒什么东西都没留下