|
EncFS Encrypted Filesystem v1.3.2
|
|
Hits: 1 |
|
Date added: 08/10/2007 |
|
EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. You can find links to source and binary releases below. EncFS is open source software, licensed under the GPL.
As with most encrypted filesystems, Encfs is meant to provide security against off-line attacks; ie your notebook or backups fall into the wrong hands, etc. The way Encfs works is different from the “loopback” encrypted filesystem support built into the Linux kernel because it works on files at a time, not an entire block device. This is a big advantage in some ways, but does not come without a cost. |
|
|
|
|
|
|
EncFS Encrypted Filesystem Source v1.3.2
|
|
Hits: 1 |
|
Date added: 07/30/2007 |
|
EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. You can find links to source and binary releases below. EncFS is open source software, licensed under the GPL.
As with most encrypted filesystems, Encfs is meant to provide security against off-line attacks; ie your notebook or backups fall into the wrong hands, etc. The way Encfs works is different from the “loopback” encrypted filesystem support built into the Linux kernel because it works on files at a time, not an entire block device. This is a big advantage in some ways, but does not come without a cost. |
|
|
|
|
|
Lidstools v2.2.7.2
|
|
Hits: 1 |
|
Date added: 08/06/2007 |
|
LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file protection (even from root), and process protection. |
|
|
|
|
|
|
Chroot Safe
|
|
Hits: 1 |
|
Date added: 07/29/2007 |
|
chroot_safe is a tool to chroot any dynamically linked application in a safe and sane manner. It is designed to replace chroot and su nobody -c while at the same time addressing some of the major shortcomings of these tools. It was originally designed for chrooting anoncvs servers in an easy and foolproof manner, but is equally useful numerous other applications where you need chroot for security. |
|
|
|
|
|
|
Iron Bars Shell Source v0.3e
|
|
Hits: 1 |
|
Date added: 07/25/2007 |
|
Iron Bars Shell - restricted system shell for Linux/Unix
Iron Bars SHell, or short ibsh is my first attempt to create a restricted working environment for Linux/Unix. I'm sure that many system administrators wish or have wished for a way to lock some/all users into a safe dungeon, where they can only do harm to their own files. Even more important is the protection against users reading sensitive files, for example the /etc/passwd file, which is accessible for any person with an unrestricted shell. But many system files may be listed here. Users could easily gain information, that could help malicious hackers to compromise the system, the network, the company.
Many attempts have already been made to fix this problem. Menu-based and other interactive shells have been created, but they were not able to completely satisfy worried system administrators. The amount of documents available at various security sites about how to bypass restrictions, how to hack through these shells and gain full access, shows, that ANY experienced Linux user is able to cause big problems.
I don't say, that IBSH is the ultimate restricted shell, the final frontier, the only tool you'll ever need, absolutely bugfree and secure. It is also obvious, that one software is not enough to grant security. But i try to create a system here objectively, without thinking that whoever will use it is incompetent, without leaving any hole unfixed, without leaving any chance to anybody to abuse a bug. Bugs in the software are not as dangerous as bugs in the planning, in the thinking, in the design. And this is only the first step. A big step nonetheless. To create a functional, workable environment, additional tools are needed. Text editors, mail clients, browsers, etc. All posing huge threats, all easily abusable, and all already abused a number of times to bypass restrictions. So, while i continue developing the main project, ibsh, i will also try to create restricted tools or restricted tool environments. These will allow users to actually use the shell account for something sensible.
|
|
|
|
