LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file protection (even from root), and process protection.
The current Linux setup has many problems that are inherent in many versions of *nix. Probably the single largest problem is the "all powerful" root account. When a process or user has root privileges, there is little, if anything, to prevent that process or user from completely destroying the system. A malicious user/intruder with root access can cause much heartache for us hard-working sysadmins. LIDS implements access control lists (ACLs) that will help prevent even those with access to the mighty root account from wreaking havoc on a system. These ACLs allow LIDS to protect files as well as processes.
Currently, LIDS supports the latest 2.2.x kernels as well as the new 2.4 kernel. Xie has expressed interest in making 2.4 the primary kernel for LIDS support. However, he also has stated he would maintain a stable version of LIDS for the 2.2.x series.
Yes. You can post to the list at any time by e-mailing lids-users@lists.sourceforge.net. However, if you wish to receive messages posted to the mailing list, you must subscribe to it. To subscribe, go to http://lists.sourceforge.net/lists/listinfo/lids-user and fill out the form. You will then receive a confirmation request that you must reply to. You can also unsubscribe and change your mailing list options from that page.
The mailing list archive is located at http://www.geocrawler.com/lists/3/SourceForge/9348/0/. The old archive can be found at http://groups.yahoo.com/group/lids.
This document is copyright (c) 2000, 2001 Steve Bremer and it is a FREE document. You may redistribute it under the terms of the GNU General Public License.
The information here in this document is, to the best of Steve's knowledge, correct. However, being human, there is the chance that mistakes, bugs, etc. might happen from time to time.
No person, group, or other body is responsible for any damage to your computer(s) and any other losses by using the information in this document. i.e.
THE AUTHORS AND ALL MAINTAINERS ARE NOT RESPONSIBLE FOR ANY DAMAGES INCURRED DUE TO ACTIONS TAKEN BASED ON THE INFORMATION IN THIS DOCUMENT.
If you have any questions, comments, suggestions, or corrections for this document, please feel free to contact me at steve@clublinux.org. I always welcome feedback whether it's good or bad!
Special thanks go to:
/etc/passwd file.
Linux is a trademark of Linus Torvalds.
The latest version of this FAQ can be found at http://www.clublinux.org/lids/. Please check the latest version before reporting any bugs.
Added a much simpler fix to the lidsadm compile problem. Clarified the "sealing the kernel" question (hopefully). Minor corrections.
Minor additions to Basic System Setup sample configuration. Added section on configuring e-mail alerts.
Minor correction to lidsadm compile problem question.
Added information about the new file ACL inheritance "-i" option in LIDS-0.9.12. Also updated the configuration examples to use the "-i" option when required. Other minor updates including information about lidsadm compile problems, enabling/disabling capabilities, and how to set up ACLs for a new program.
Minor corrections.
Initial release.