Understanding Containers, user space, userland and kernel space
Perhaps you’ve been charged with developing a container-based application infrastructure? If so, you most likely understand the value that containers can provide to your developers, architects, and operations team. In fact, you’ve likely been reading up on containers and are excited about exploring the technology in more detail. However, before …Read More
SELinux security
Anyone (including me) playing around with something more than default servers (cPanel, webmin/virtualmin/cloudmin, plesk, ispconfig…etc) knows that selinux = off. That’s the Law. But what about a minimum policy ? Targeted and mls can’t and shouldn’t work on environments like a web server with home users. But if you need …Read More
Kernel hardering part 1
And then, kernel.exec-shield was born.
Exec Shield is a project that got started at Red Hat, Inc in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems. The first result of the project was a security patch for the Linux kernel …Read More