Kernel Hardening

Registered by Kees Cook on 2010-04-27

Review additional kernel hardening features.

Blueprint information

Status:
Complete
Approver:
Kees Cook
Priority:
High
Drafter:
Kees Cook
Direction:
Needs approval
Assignee:
Kees Cook
Definition:
Approved
Series goal:
Accepted for maverick
Implementation:
Implemented
Milestone target:
milestone icon ubuntu-10.10
Started by
Kees Cook on 2010-05-18
Completed by
Kees Cook on 2010-07-15

Related branches

Sprints

Whiteboard

https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening

Work items [maverick-alpha-1]:
[kees] produce symlink protection patch and send out for review:DONE
[kees] produce hardlink protections patch and send out for review:DONE
[kees] produce ptrace protections patch and sed out for review:DONE
[kees] add execshield toggles to our nx-emu patch, as RH does:DONE
[leannogasawara] review and apply security hardening patches for Maverick:DONE

Work items [ubuntu-10.10]:
[kees] attempt to upstream symlink protection patch to LKML: DONE
[kees] attempt to upstream hardlink protection patch to LKML: DONE
[kees] attempt to upstream ptrace protection patch to LKML: DONE
[kees] attempt to upstream nx-emu patch set:POSTPONED
[stefan-bader-canonical] review and consider security hardening patches for Stable Releases (should not be done in SRU):DONE

(?)

Work Items