HP-LX 1.0 Secure Linux

kengreenebaum writes: "Webtechniques has a short but interesting article on HP's approach to a secure but expensive LINUX distro. Basically they started with RedHat 7.1 and added compartments; an extension to the age-old chroot jail concept where the processes representing major services run. Kernel extensions allow HP (or the administrator) to specify which compartments can access which kernel resources including individual files, network stacks, and each other. HP has Technical Product Brief as well as other material online. Interesting to compare HP's approach to that of the NSA's Secure Linux projects. These concepts sound like a solid way to prevent buffer overflow type security holes in individual services from compromising the entire machine. At $3000 HP-LX is too expensive for many to experiment with but the NSA's code seems to be more readily available. Anybody have experience with these distributions or with similar approaches to Linux security?"

NSA Linux distribution

I installed their distribution and it works fine, except for the GUI login which says "Welcome to wiretap029114.nsa.gov". How do I change it back to "localhost.localdomain"?

Re:Eh? How can they get away with selling that?

[Graymalkin]

Charging 3000$ for the CD set means that 99% of the jackasses who would use the GPL in order to buy something and then turn around and release it for free can't afford it while the 1% that can have to pay a pretty penny to be jackasses. I can pretty much assure you some jackass Linux zealot with no understanding on the GPL is sitting in his bedroom right now trying to figure out how he can raise 3k so he can be a folk hero by releasing the code an evil company is keeping secret. At the very least HP is giving some idiot something to do.