Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 1 articles for you...
79
access controluser managementsecurity featureRSBAC 1.4.0 Release: Enhanced User Management for Linux Kernels
Amon Ott says: Rule Set Based Access Control (RSBAC) 1.4.0 has been released for both Linux kernels 2.4.37 and 2.6.27.10. RSBAC 1.4 mainly introduces the new Virtual User Management feature which allows to isolate complete sets of users in so-called "virtual sets". Every user in every set can have individual passwords and access rights. Click-through to see the whole announcement, and to leave your opinions of RSBAC. Do you use it? If so, why?. Date: Fri, 16 Jan 2009 09:55:09 +0100 From: Amon Ott Subject: Announce: RSBAC 1.4.0 released Rule Set Based Access Control (RSBAC) 1.4.0 has been released for both Linux kernels 2.4.37 and 2.6.27.10 You can download the new version from https://www.rsbac.org/ RSBAC is one of the leading access control systems for the Linux kernel with a good selection of access control models, see https://www.rsbac.org//why for more details. Important changes since 1.3 series: * VUM (Virtual User Management) support (https://www.rsbac.org/redir.php) * One time password support for user management (https://www.rsbac.org/redir.php) * Code for kernels 2.4 and 2.6 has been separated. 2.4 kernels might be phased out at a later date. * PAM module does not send a message "User not authenticated" anymore if authentication failed. (To match other PAM modules behavior) * Made PAM password prompt standard and definable to RSBAC's custom prompt if the user wants it only. * rsbac_useradd -K to copy a user with password. * rsbac_mount now uses kernel's vfs_mount About RSBAC 1.4: ---RSBAC 1.4 mainly introduces the new Virtual User Management feature ( (https://www.rsbac.org/redir.php), which allows to isolate complete sets of users in so-called "virtual sets". Every user in every set can have individual passwords and access rights. As an example, you can start your mail server in a different set, and the users getting the email will not be part of the system users. Likewise, your jails can be started in a different set, so thatthe users in that jail will never be the same ones as the real system users. You can specify the user set with the usual tools by specifying the full user path, e.g.: 0/0 defines user id 0 (root) in virtual set 0 (eg system user root) 0/1000 defines user id 1000 in virtual set 0 (eg a system user) 1/secoff defines user secoff in virtual set 1 (e.g. with uid 400) 2/1000 defines user id 1000 in virtual set 2 (for example, mail users could be in set 2) Amon. . RSBAC version 1.4.0 brings forth Virtual User Administration, bolstering access management on Linux-based systems and facilitating user compartmentalization.. RSBAC, Virtual User Management, Access Control, User Isolation, Linux Kernels. . LinuxSecurity.com Team
Jan 16, 2009
•
Security Projects
74
security advisoryfedorasshCreate Chrooted SSH/SFTP Setup On Fedora 7 For Enhanced Security
This document describes how to set up a chrooted SSH/SFTP environment on Fedora 7. The chrooted users will be jailed in a specific directory where they can't break out. They will be able to access their jail via SSH and SFTP. Do feel using a chroot environment helps in protecting your Linux box? It can protect your system by having chrooted users unable to effect anything thing else expect for their own environment. Have you used chroot for security, if so do you use it every time you add a new user?. The link for this article located at HowToForge is no longer available. . Enhance security by setting up a chrooted SSH/SFTP environment on Fedora 7. Follow this guide for a systematic approach to user isolation.. Chroot Setup, Secure SFTP, SSH Security, Fedora Configuration. . Bill Locke
Nov 07, 2007
•
Network Security
77
secure environmentsuser isolationsandboxingCreating Isolated User Environments With Chroot And Unionfs
Guests can never be trusted. Whether they're just anonymous users poking around your server or house guests that never seem to flush the toilet, you can never really entrust the integrity of your system to someone you don't know. Well, how about putting them in a sandbox environment? Not good enough? What about sandbox-within-a-sandbox? Read on to learn about combining the powers of chroot with Unionfs which enables you to put untrusted users into a safe, secure environment where damage is highly mitigated. . When reading a 'hint' on the website of LinuxFromScratch I discovered the special capabilities of unionfs, specially in combination with chroot. Later I read a HowTo on a wikiwebsite of Gentoo, about entering a chrooted homedirectory when using a special script as shell. Combining these two brings me to using a chrooted environment, which you enter when logging in as a special user. This environment is a exact copy (mirror) of the system you're working on. Because you're in safe copy of the real system, you can do whatever you like, it will never change the system, everything stays inside the cache (the readwrite branch). The link for this article located at HowtoForge is no longer available. . Creating a secure chroot environment on your Linux system is crucial for managing untrusted users. This guide uses `chroot` and `Unionfs` for effective isolation. User Isolation Techniques, Unionfs Methods, Sandboxing Techniques, Chroot Environments. . LinuxSecurity.com Team
Jun 29, 2007
•
Server Security
77
web securityserver compromisephp securityShared Hosting Risks: Business Consequences from Server Compromise
A reader alerted us today about yet another web server compromise, affecting a large number of domains. In this particular case, the server was hosted with iPowerWeb, a provider of low cost web space on shared servers. Space on a shared server is ok for personal use. But you should think twice before using it for commercial, in particular business critical use. Your web sites security will depend on a few hundred other users on the same system doing the right thing. A bad php script on one virtual server could lead to a compromisse of all web sites hosted on the same system. . The link for this article located at SANS is no longer available. . Recognize the dangers associated with utilizing shared hosting for business purposes. Learn how one poorly designed application can jeopardize the security of your entire website.. Shared Hosting Risks, Business Security, Web Server Compromise. . LinuxSecurity.com Team
Jun 20, 2006
•
Server Security
77
secure accessuser isolationchrooted sshDebian Sarge OpenSSH: Chrooted User Access Configuration
This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. . This setup is based on a Debian Sarge (Debian 3.1) system, and the chrooted SSH will be installed in such a way that it will still use the configuration files of the standard OpenSSH Debian package which are in /etc/ssh/, and you will be able to use the standard OpenSSH Debian init script /etc/init.d/ssh. Therefore you do not have to create your own init script and configuration file. The link for this article located at HowtoForge is no longer available. . Learn to configure OpenSSH for chrooted sessions on Debian for heightened security, limiting user access to designated directories effectively. Chrooted SSH, OpenSSH Tutorial, User Access, Secure SSH. . LinuxSecurity.com Team
Jan 25, 2006
•
Server Security
77
remote accessuser isolationchroot jailEstablish Secure User Environments Through the Jail Chroot Project
So what is a "chroot jail"? Essentially it is a security method for creating a safe user enviroment on systems that allow remote access accounts. The "jail" locks users into a virtual directory structure and grants access only to applications created for the jailed users by the administrator.. . .. So what is a "chroot jail"? Essentially it is a security method for creating a safe user enviroment on systems that allow remote access accounts. The "jail" locks users into a virtual directory structure and grants access only to applications created for the jailed users by the administrator. It has long been a standard for hosting companies to create remote access accounts with this method, but the process was far from simple. Creating each account took many steps and needed thorough testing to assure system security. The Jail Chroot Project's purpose is to streamline the task of creating the chroot jail environment. It does so with utilities that "automagically configure & build all the required files, directories and libraries". It also makes adding new jailed accounts very easy. In this article, we'll take a look at the Jail Chroot Project utilities and show you how to install and use them to secure remote access accounts in a chroot-ed environment on your GNU/Linux system. The link for this article located at LinuxOrbit is no longer available. . Investigate the Jail Chroot Initiative aimed at establishing protected spaces using chroot environments for remote access users.. Chroot Jail, User Isolation, Remote Access, Secure Environment, Jail Project. . LinuxSecurity.com Team
Oct 14, 2002
•
Server Security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More