LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file protection (even from root), and process protection.
The current Linux setup has many problems that are inherit in many version of *nix. Probably the single largest problem is the "all powerful" root account. When a process or user has root privileges, there is little if nothing to prevent that process or user from completely destroying the system. A malicious user/intruder with root access can cause much heartache for us hard working sysadmins. LIDS implements access control lists (ACLs) that will help prevent even those with access to the mighty root account from wrecking havoc on a system. These ACLs allow LIDS to protect files as well as processes.
Currently, LIDS supports the latest 2.2.x kernels as well as the new 2.4 kernel. Xie has expressed interest in making 2.4 the primary kernel for LIDS support. However, he also has stated he would maintain a stable version of LIDS for the 2.2.x series.
Yes. You can post to the list at any time by e-mailing lids@egroups.com. However, if you wish to receive messages posted to the mailing list, you must subscribe to it. To subscribe, simply e-mail
lids-subscribe@egroups.com. You will then receive a confirmation request that you must reply to. To un-subscribe from the list, e-mail lids-unsubscribe@egroups.com.
The mailing list archive is located at http://www.egroups.com/list/lids.
This document is copyright(c) 2000 Steve Bremer and it is a FREE document. You may redistribute it under the terms of the GNU General Public License.
The information here in this document is, to the best of Steve's knowledge, correct. However, being human, there is the chance that mistakes, bugs, etc. might happen from time to time.
No person, group, or other body is responsible for any damage on your computer(s) and any other losses by using the information on this document. i.e.
THE AUTHORS AND ALL MAINTAINERS ARE NOT RESPONSIBLE FOR ANY DAMAGES INCURRED DUE TO ACTIONS TAKEN BASED ON THE INFORMATION IN THIS DOCUMENT.
If you have any questions, comments, suggestions, or corrections to this document, please feel free to contact me at steve@clublinux.org. I always welcome feedback whether it's good or bad!
Special thanks go to:
Linux is a tradmark of Linus Torvalds
The latest version of this FAQ can be found at http://www.clublinux.org/lids/LIDS-FAQ.html.
Initial release.