Slashdot Mirror
Trustix Secure Linux 2.2 Released
Dr_Pervert writes "Trustix Secure Linux (currently overloaded) today released version 2.2, and at the same time, the earlier plans to make TSL commercial only were dropped."
← Back to Stories (view on slashdot.org)
Well, lets help 'em out by putting a link on /.!
Not a Twitter sockpuppet... but I wish I was.
Security has two major parts, the stability of the system and additional designs to make it secure. Thats why secure OSes/distros do not head for the newest features focusing mainly on auditing the current code increasing its 'maturity'.
This is where the problems of secure Linux distros start. The Linux kernel is loaded with features, alpha and new, along with what makes it stable. Going with 2.6.9 might make a distro susceptible to bugs that will be discovered in the next couple of months, while setting up camp on 2.4.x requires them to do the same with 2.6 later on, while trailing on hardware support including the latest CPUs and chipsets.
Linux's opensourceness gives it an edge over trusted Solaris and trusted AIX, but that exists in BSD too. OpenBSD has kept the 'simple' design over additional security functions which gives it a permanent edge over any secure linux distro, but Linux enjoys the software base OpenBSD doesnt... decisions decisions.
The best thing about a secure Linux distro IMHO is its enormous potential to displace most other secure OSes. IBM has been pushing Linux and will replace trusted AIX with trusted Linux for banks and insurance markets, if Linux has the merits, Sun has already been replacing Solaris with Linux, might as well invest into its security. Windows doesnt stand a chance against any of the above, so Linux gains great market share of the security demands.
I really thing theres a major pressure to create a system that seperates the featureful 'Linux' from the stable and mature, either by version numbers, or as Linus suggested, tags in the modules or options. It might even fork the kernel, but I doubt any branch will risk breaking binary compatibility.
A rudimentary EXPERIMENTAL tag system exists in the sources, but I've had crashes because not all new features are marked so. Been tough deciding for us between Linux and OpenBSD recently, since OpenBSD doesnt really support our preferred NIC and IDE controller, and doesnt run veritas, while Linux has crapped out more than once on the few bad drivers we have to use.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
Does anyone have any experence with SELinux? Is it still around, and if so, how does it compare to this.
Spam Test
Open Source, being necessary to security and innovation, the right of the people to alter and copy shall not be infringed.
It sounds like a trusted system, not a secure system. Keep in mind that those aspects of the system are completely orthogonal--e.g. I would not expect Microsoft Palladium to be secure, but it will be trusted. On the other hand I expect Linux to be secure, but never trusted. (In the US Department of Defense where the term 'trusted system or component' originated, it means 'one which can break the security policy'--see TCPA FAQ 24.) Very unfortunate name. It may turn out to be disastrous for an otherwise promising project. Too bad.
what the fuck.....
Error 407 - No creative sig found