HP To Sell Custom High-Security GNU/Linux Distro

bc90021 writes: "CNET has this story about Hewlett Packard's new secure version of Linux. Using 2.4.2, it can supposedly detect attacks as they happen. (At $3,000, I think it should counter-attack, too.) It will be available on HP servers (duh), or on servers that pass the RedHat 7.1 server qualification tests."

HP-LX

[MikeCamel]

A search on HP's site yields a training course which has been available for around a month. The name of the product seems to be "HP-LX".

Here are some of the issues listed on the page:

• secure administration model
• lockdown
• process containment (compartmentalization)
• file system protection (MAC)
• auditing.

So I presume that these will all be central to the new product. It seems fairly sensible - and it will be interesting to find out the details of exactly what they've implemented, and how.

Kernel Component of Secure Linux is Under GPL

[Bruce+Perens]

I am announcing this product in an hour. Shankland loves to jump the gun.

The kernel component of HP Secure Linux is under the GPL license. All of the other Linux security vendors currently hide their security mods to the kernel in binary-only modules, IMO abusing the modules exception to the kernel. HP would rather not play games of getting around the GPL. The user-mode component of Secure Linux is not GPL-ed, but we understand that given the kernel drivers, programmers can roll their own.

Thanks

Bruce