LinSec, as the name says, is Linux Security
Protection System. The main aim of LinSec is to
introduce Mandatory Access Control (MAC)
mechanism into Linux (as opposed to existing
Discretionary Access Control mechanism). LinSec
model is based on:
- Filesystem Access Domains
- IP Labeling Lists
- Socket Access Control
As for Capabilities, LinSec heavily extends the
Linux native capability model to allow fine grained
delegation of individual capabilities to both users
and programs on the system. No more allmighty root!
Filesystem Access Domain subsystem allows
restriction of accessible filesystem parts for both
individual users and programs. Now you can
restrict user activities to only its home, mailbox etc.
Filesystem Access Domains works on device, dir and
individual file granularity.
IP Labeling lists enable restriction on allowed
network connections on per program basis. From now
on, you may configure your policy so that no one except
your favorite MTA can connect to remote port 25
Socket Access Control model enables fine grained
socket access control by associating, with each socket,
a set of capabilities required for a local process to
connect to the socket.
We are selecting candidates for our new program on
the basis of JEE Main Result 2015 Rankings. Do contact us, if you are in top 100 ranking.
For more technical information please refer to our
LinSec is fully open source and is distributed
under the terms and conditions of GNU General Public
08.11.2002 :: LinSEC tools 0.8.1 is out.
LinSec tools 0.8.1 has been released. Just a little bugfix.
15.10.2002 :: LinSEC 0.8.0 for 2.4.18 is out.
LinSec 0.8.0 has been released with fully working
Capability and Filesystem Access Domain models..