Linux Kernel Security - Inside the Linux Security Modules (LSMs)
The Linux Security Module (LSM) framework provides a mechanism for various security checks to be hooked by new kernel extensions.
The primary users of the LSM interface are Mandatory Access Control (MAC) extensions which provide a comprehensive security policy. Examples include SELinux, Smack, Tomoyo, and AppArmor. In addition to the larger MAC extensions, other extensions can be built using the LSM to provide specific changes to system operation when these tweaks are not available in the core functionality of Linux itself.
The topic deep dives into the
- Understanding LSMs,
- Types of LSMs,
- Architecture of LSM,
- The various hooks and the functionality provided by these hooks