Copyright © 1999-2004 by Huagang Xie(xie_at_lids_dot_org).
This software released under GPL.
What are the problems with current GNU/Linux System
|
- File System is unprotected.
- Process is unprotected.
- System administration is unprotected.
- Superuser (root) may abuse the rights.
- Authentication to access the system is untrustable.
- the Access Control model (DAC) is not enough.
|
What is LIDS
|
- A kernel patch and admin tool to enhance the linux kernel security
- Implementation of reference monitor in kernel
- Mandatory Access Control in the kernel
- An active project with many helpful hackers.
|
What are the features
|
- Protection of files, No one including root can modify the lids-protected files. File can be hidden.
- Protection of process, No one including root can kill the protected process. Process can be hidden.
- Fine-granulate Access Control with ACLs.
- Use and extend capability to control the whole system.
- Security alert from the kernel.
- Port scanner detector in kernel.
- Support LSM framework in kernel 2.5.x
- Process network access restriction
|
Why LIDS
|
- You want to use a secure system
- You want to ensure your systems intergrit
- You want an easy way to quickly configure a system wide security policy.
- Why not?
|
Thanks to
- My advisorProf. Bai Shuo for the direction and support. Thanks also go to Ph.D Bu Dongbo and the members in Software Research Center of Insititue of Computing Technology for there kindly helps and discusions.
- Christophe Long for registering the domain name
- Webmotion Inc. for providing the DNS resolving for lids.org.
- Turbolinux, China for hosting the home of LIDS at www.lids.org.
- Thanks to Christophe Li and webmaster Wangbh
in Turbolinux,China for the help of mirroring LIDS.
- Christophe Long, Philippe Biondi
and Webmotion Incfor merging their project into the LIDS project.
- Thanks to John Carol Langford for
his "seal" program and the great idea.
- Bosko Radivojevic for providing
the Linux open wall project's logging routine. It can protect the logging flood.
- Thanks to Bosko Radivojevic ,
Valerio,
Thomas Tschoepke Soares,
tamas, etc. They
are kindly tell me the problem they meet during using lids, and valerio
also modified this README for me and mirror the lids HomePage.
- Li Dongxuan, this is a special gift to her.
- Thanks to the people who talked about the idea with me, especially Mei Jia.
- Thanks to Li Zhipeng and his company ( Beijing Topwalk security company. He helped me to setup the first page onto the company's pages.
| 