Date: Tue, 9 Jan 2001 15:41:03 +0800 (CST) From: Huagang Xie <xie@gnuchina.org> To: lwn@lwn.net Subject: LIDS 1.0.4 for 2.4.0 is here! Hi, LIDS he Linux Intrusion Detection System (LIDS) is a kernel patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). It is released under GPL. When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more. The new version, 1. add inherit option when config file acls 2. add exec_domain from lids 0.9.11 3. add configuration support to multi-platform 4. merge bugfixed from 0.9.11 A For more information, please visit www.lids.org. Thanks, Xie -- Happy Hacking Linux Intrusion Detection System http://www.lids.org/