Linux

9310 readers

305 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

Linux Kernel Runtime Guard 1.0 Released (linuxiac.com)

submitted 1 day ago by throws_lemy@lemmy.nz to c/linux@programming.dev

2 comments fedilink hide all child comments

The Linux Kernel Runtime Guard (LKRG), maintained under the Openwall project, has officially reached version 1.0, more than seven years after its first public release in 2018.

If you are not familiar with it, LKRG is a kernel module that acts as a security layer for the Linux kernel. Its main job is to monitor the kernel while it’s running and catch anything that looks suspicious or unsafe.

For example, if an attacker tries to exploit a kernel vulnerability by overwriting kernel credentials or altering kernel memory, LKRG can detect that behavior. When it finds something abnormal, it can log it, kill the offending process, or take other defensive measures depending on its configuration.

top 2 comments

sorted by: hot top controversial new old

[–] teawrecks@sopuli.xyz 11 points 1 day ago

Anyone have any experience with this? This seems like the kind of thing that should just always be enabled by default all the time.

[–] Auth@lemmy.world 5 points 1 day ago

Interesting. Does anyone know of a guide to get this setup?