The Internet can be a nasty place, where network-facing server applications are subject to probes of potential evildoers in search of known (or, worse, unknown) vulnerabilities to exploit.
Trusted operating system features, such as mandatory access controls, can help contain the havoc that exploited services can wreak by ensuring that applications can access or modify only the resources required to do their jobs.
Such tight controls are tricky to manage, however, which has kept this functionality out of mainstream operating systems.
This has begun to change, and Ive been taking stock of trusted operating system developments in commonly used platforms, including SELinux implementations in Red Hats Red Hat Enterprise and Fedora, Core Linux distributions, the AppArmor software that ships with Novells SUSE and OpenSUSE distributions, and the Process Rights Management features in Sun Microsystems Solaris 10.
Ill be evaluating the trusted technologies that are now—and will soon be—available on the operating systems that companies are already using and for which their critical hardware and software are certified.
Ive also been trying to nail down just whats become of Microsofts Next-Generation Secure Computing Base—and what else companies can expect along these lines in upcoming versions of Windows.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.