Openwall Releases 'Linux Kernel Runtime Guard' 0.9.0 (linuxreviews.org) 7
Long-time Slashdot reader xiando shares news from LinuxReviews:
Linux Kernel Runtime Guard (LKRG) is a security module for the Linux kernel developed by Openwall. The latest release adds compatibility with Linux kernels up to soon to be released 5.12, support for building LKRG into kernel images, support for old 32-bit x86 machines and more...
The Linux Kernel Runtime Guard is an out-of-tree kernel module you can install as a kernel module, or, with the 0.9.0 release, build into your Linux kernel. It does run-time integrity checks to detect security vulnerability exploits against the Linux kernel.
An Openwall developer also notes in the announcement that "During LKRG development and testing I've found 7 Linux kernel bugs, 4 of them have CVE numbers."
The Linux Kernel Runtime Guard is an out-of-tree kernel module you can install as a kernel module, or, with the 0.9.0 release, build into your Linux kernel. It does run-time integrity checks to detect security vulnerability exploits against the Linux kernel.
An Openwall developer also notes in the announcement that "During LKRG development and testing I've found 7 Linux kernel bugs, 4 of them have CVE numbers."
Honeypots? (Score:2)
I would hesitate to run this on any production systems especially since it is still in an "experimental" stage. I think it would be perfect to run on honeypots although. Who knows? Maybe one could discover new kernel bugs that would then be fixed by main line kernel developers.
Re: (Score:2)
Re: (Score:2)
Good point! Indeed, just changing the "kernel panic" option to log only might attenuate the possible effects of being experimental.
What's the consensus on this module and Openwall in general? I doesn't seem to be well known here on Slashdot given the number of comments on the topic.
Re: (Score:2)
I forgot to mention, I reviewed their products and the IDS thing is the one that caught my attention the most. They seem to know what they are doing, link below:
http://phrack.org/issues/53/13... [phrack.org]
But what does it do? (Score:3)
It would be nice if the Slashdot summary actually told us what the heck this thing is supposed to do.
Re:But what does it do? (Score:5, Informative)
this is what's missing from the summary [openwall.com]