HP-LX 1.0 Secure Linux

kengreenebaum writes: "Webtechniques has a short but interesting article on HP's approach to a secure but expensive LINUX distro. Basically they started with RedHat 7.1 and added compartments; an extension to the age-old chroot jail concept where the processes representing major services run. Kernel extensions allow HP (or the administrator) to specify which compartments can access which kernel resources including individual files, network stacks, and each other. HP has Technical Product Brief as well as other material online. Interesting to compare HP's approach to that of the NSA's Secure Linux projects. These concepts sound like a solid way to prevent buffer overflow type security holes in individual services from compromising the entire machine. At $3000 HP-LX is too expensive for many to experiment with but the NSA's code seems to be more readily available. Anybody have experience with these distributions or with similar approaches to Linux security?"

Re:What about GPL, GNU, etc?

[pmcneill]

Yes and no. They have to release the source to the people to whom the product is distributed. However, they don't have to make it publically available. The catch is that the people who receive the source can also redistribute it at will. As someone else pointed out, the source is available here.

I expect, however, that HP has some proprietary stuff that's included in non-GPLd binaries.

Re:Eh? How can they get away with selling that?

[inburito]

Uh.. How about you go download the GPLed code from hp's site right now instead of speculating about what people could do.

However.. You are not going to get the closed source administration tools without which the kernel mod's are almost worthless. You also don't get a fully set up distribution with all the configuration and will have to duplicate all the effort that went into creating it.

If you want to be reasonably sure that your version is secure you'd have to perform extensive testing on it and have a lot of really smart people take a look at it. This is actually the easiest part as it follows normal linux development method. Still, whose ass is on the line if things are not as secure as they should be?

And you can bet your ass that anything that doesn't need to be GPLed is not and it comes with a very strict HP license that specifically forbids any disassembly, resale, etc.. Support contracts probably also include a clause that you have to have purchased the official hp distribution..

Re:Low confidence in anything from HP

[Bruce+Perens]

I agree that the HPUX folks do sometimes seem to lose sight of the fact that there is an outside world that, for the most part, doesn't run HPUX. But fortunately I work on Linux. HP has contributed a lot to free software: the IA-64 port of the Linux kernel is led by David Mosberger of HP and is all GPL, of course. HP spends about 1/2 Million per year just on salaries, benefits, and overhead for 4 of the key Samba developers. And a number of HP projects like Cooltown have come under the GPL. And of course they pay for all of my political efforts on behalf of free software - working on software patent issues, speaking, writing, etc.

Bruce

Looks like "Secure Linux for Retards"

[dwbryson]

Ok, I feel that putting some peices of security in an OS kernel is a good idea. It allows you to have a lot of control over what goes on on a system, however it's not always the best idea for certain things. This distro it seems is that + *basic* system security...

HP-LX includes pretty much every security tool for Unix imaginable, and defaults are set up with security in mind right out of the box. For example, HP-LX allows command shell access only via the system console or SSH (encrypted) connections. HP forces you to use OpenSSH by including a procedure for creating and installing the keys during the OS installation.

This is a no brainer for anybody who is semi secruity concious. And

HP-LX's installer won't install unneeded services. This is probably one of the best things you could do on your existing server; remove everything that you don't absolutely need.

Comon people, every semi decent sysadmin knows this. Maybe I'm expecting too much from people (the number of people that complain to me about not being able to use telnet is disgusting) The added chroot jail stuff is neat, and no doubt helpful, but this distro really looks like it is not worth 3k. Any competent Linux admin could set this up with a couple days work. That doesn't mean his manager will approve... they would buy the MP distro because it would make them feel warm and fuzzy inside, even if their admin could design a better distro. When the article first off proclaims things like:

Pros: Currently the most secure commercially available Linux system.

I can generally discount most of what it has to say. Security is a process not a product.