Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
79
system resiliencearchitecture compatibilitysecurity proposalHuawei's Sandbox Mode: Enhancing Linux Kernel Memory Security
Chinese tech giant Huawei has proposed introducing a "SandBox Mode" for the Linux kernel , aimed at bolstering memory security. This mode would create an environment where native kernel code can be executed but with access restricted only to predefined memory addresses. . By isolating memory areas used for input and output, the proposed SandBox Mode aims to prevent vulnerabilities from being exploited and safeguard the rest of the kernel. Huawei has submitted a patch series for review to implement the necessary infrastructure and APIs for this mode. What Are the Security Implications of This Proposal? The introduction of a SandBox Mode for the Linux kernel by Huawei holds several implications for the security landscape. It addresses a crucial aspect of memory safety and offers a potential solution to minimize the impact of memory safety bugs in kernel code. One intriguing aspect of this proposal is using guard pages and arch hooks to enforce strong isolation. Guard pages protect against out-of-bounds accesses, and arch hooks leverage hardware paging facilities and CPU privilege levels to restrict memory access to predefined regions. This implementation could significantly enhance memory security, making it more difficult for attackers to exploit vulnerabilities and compromise the overall system. The proposal opens up questions regarding the scalability and compatibility of SandBox Mode across different architectures. Since the efficacy of this mode relies on the presence of arch hooks, it becomes essential to determine how widely supported these hooks are and whether they can be implemented consistently across various hardware platforms. Another significant aspect of the proposal is the potential for recovery from protection violations. If a violation occurs, SandBox Mode forcibly terminates the sandboxed environment and returns an error code to the caller, allowing execution to continue. This feature demonstrates an effort to balance security and system resilience. Securitypractitioners, Linux admins, infosec professionals, and sysadmins should closely follow the progress of this SandBox Mode proposal. If implemented successfully, it could lead to a substantial improvement in memory safety and offer greater protection against memory-based attacks. However, it is crucial to consider the long-term consequences, ensuring that potential trade-offs in performance, compatibility, and vulnerability disclosure are carefully evaluated. Our Final Thoughts on Huawei's Proposed “Sandbox Mode” Huawei's proposal to introduce SandBox Mode for the Linux kernel presents an opportunity to enhance memory security. By isolating memory areas and leveraging architectural hooks, the proposal aims to restrict memory access and mitigate the impact of memory safety bugs. While this proposal is promising, critical evaluation of long-term consequences, scalability, and compatibility are essential. Security practitioners should closely monitor the developments of this SandBox Mode as it has the potential to impact Linux security significantly. What are your thoughts on this proposal? We'd love to hear! Reach out to us on X @lnxsec and let us know. . Employing memory isolation through SandBox Mode can significantly mitigate threats targeting the Linux kernel, thereby strengthening the security of the entire system.. Huawei, Linux Kernel, Sandbox Security, Memory Protection. . Dave Wreski
Feb 15, 2024
•
Security Projects
83
security advisorydata leakside-channel attackSLAM Threat: Intel LAM, AMD UAI, ARM TBI - Data Leak Risks
Researchers have identified a new exploit impacting upcoming processors called “Spectre based on Linear Address Masking” (SLAM). This side-channel-based attack exploits the new security features in Intel (Linear Address Masking (LAM)), AMD (Upper Address Ignore (UAI)), and ARM (Top Byte Ignore (TBI) chips. Specifically, the SLAM attack is a transient execution technique exploiting the new memory improvement features to leak sensitive data like password hashes. . According to the researchers who discovered this bug, SLAM exploits a “previously unexplored class of Spectre disclosure gadgets” that involve pointer chasing. Unlike the Standard (masked) gadgets, the unmasked gadgets are common code patterns across different software and are even available with the Linux Kernel that doesn’t include masked gadgets. Unlike other side-channel attacks, SLAM threatens a wider range of systems, including Linux. In their study, the researchers emulated the Intel LAM feature on Ubuntu to demonstrate how the SLAM attack exploits the unmasked gadgets to leak arbitrary ASCII kernel data from a userland process. Check out the article linked below for more information on how this attack works and an awesome video showing the SLAM attack leaking password hashes on Ubuntu! . New SLAM attack using Intel, AMD, and ARM features risks data exposure and security integrity across systems.. SLAM Attack, CPU Security, Spectre Exploit, Data Security, Linux Kernel Exploit. . LinuxSecurity.com Team
Dec 17, 2023
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More