Linux kernel security opts out of free test patches for Grsecurity

The free lunch is over for Linux users as Open source Security Company decided to stop making test patches for Grsecurity that were available for free.

The software is a set for powerful Linux kernel security that contains features like role-based access controls and chroot restrictions that will harden Linux implementations.

The company’ s decision to limit its open source software only to subscribed users has emanated from the alleged misuse of Grsecurity trademark by an undisclosed company but it is claimed to be Intel’ s Wind River.

When the Grsecurity creator and Open Source Security President Brad Spengler were questioned, he declined to comment about Wind River.

The subscription fee was started at a rate of $200 per month, but now it is tailored to per-customer basis.

" Unfortunately, in contrast to Microsoft' s post-Windows XP Trustworthy Computing initiative which drastically changed its security trajectory, the Linux community at large has failed to invest adequately in security over the past two decades," the company has said in a blog post.

So from now on, the Grsecurity patches will be distributed under the GPLv2 free software license, like Linux kernel.

Any Linux enthusiast could pay for the future code and release it for everyone out of your good heart, but that could end things with Grsecurity subscription for good.

Tag : Linux Linux kernel
FAQ
Q
how to Self-protection is key to Linux kernel security?
A
Become An Insider
Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.
RELATED ARTICLES
Angular 2 primary
What’s new in Angular: Version 7 release candidate arrives
abstract structural/network background
How to build resilient microservices
drowning scared worried sinking failure dread mistake mubariz mehdizadeh unsplash
6 ways to make machine learning fail
See all Insider
Linux has quietly taken over the world. The operating system now powers the large datacenters that make all our cloud applications and services possible, along with billions of Android devices and internet-connected gadgets that comprise the internet of things (IoT). Even the systems that handle the day-to-day operations on the International Space Station run Linux.
Q
Linux Kernel /etc/sysctl.conf Security Hardening ?
A
sysctl is an interface that allows you to make changes to a running Linux kernel. With /etc/sysctl.conf you can configure various Linux networking and system settings
Limit network-transmitted configuration for IPv4
Limit network-transmitted configuration for IPv6
Turn on execshield protection
Prevent against the common ‘syn flood attack’
Turn on source IP address verification
Prevents a cracker from using a spoofing attack against the IP address of the server.
Logs several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects.
Q
What is Key-based authentication? Explain.
A
There are various methods to enter into the servers. One of the ways to log in is using password-based authentication, but that is not secure. So, we need a method that is secured.

One of the ways to achieve the security is to use Key-based authentication. To use this type of authentication, we have to disable the password-based authentication.
Q
how to Keep a Close Eye on Your Open Source Security?
A
This list shows us, once again, how vigilant the open source community is with security vulnerabilities. This means that security experts are working continuously to ensure open source libraries are protected, and that the various trackers and security bulletins are updated with new vulnerabilities, updates, and patches.
Q
What Are the Most Common Linux Vulnerabilities in 2018?
A
We’ve put together a list of the top 5 Linux Vulnerabilities that hit organizations so far in 2018, aggregated by the WhiteSource database, which is updated continuously from the National Vulnerability Database (NVD), that most developers and security professionals know and love, as well as additional open source publicly available, peer-reviewed security advisories. Some of these might have been first uncovered before 2018, but are still alive and kicking in many systems.