SettingsOperating system security
ACF2
ACF2 (Access Control Facility) is a commercial discretionary access control software security system developed for MVS (z/OS), VSE and VM (z/VM) by SKK, Inc. Barry Schrager, Eberhard Klemens, an...
ACF2 (Access Control Facility) is a commercial discretionary access control software security system developed for MVS (z/OS), VSE and VM (z/VM) by SKK, Inc. Barry Schrager, Eberhard Klemens, an...
Address space layout randomization
Address space layout randomization (ASLR) is a computer security method which involves randomly arranging the positions of key data areas, usually including the base of the executable and ...
Address space layout randomization (ASLR) is a computer security method which involves randomly arranging the positions of key data areas, usually including the base of the executable and ...
Annvix
Annvix is a Canadian security-focused operating system based on Mandriva Linux (originally forked from Mandrake Linux 9.2).
Annvix is a Canadian security-focused operating system based on Mandriva Linux (originally forked from Mandrake Linux 9.2).
Anonym.OS
Anonym.OS was a Live CD operating system based on OpenBSD 3.8 with strong encryption and anonymization tools.
Anonym.OS was a Live CD operating system based on OpenBSD 3.8 with strong encryption and anonymization tools.
AppArmor
AppArmor ("Application Armor") is a security module for the Linux kernel, released under the GNU General Public License.
AppArmor ("Application Armor") is a security module for the Linux kernel, released under the GNU General Public License.
BoKS (software)
In computer security, BoKS is a proprietary product for the centralized management of user authentication and authorization (Role-based access control).
In computer security, BoKS is a proprietary product for the centralized management of user authentication and authorization (Role-based access control).
C-list (computer security)
In capability-based computer security, a C-list is an array of capabilities, usually associated with a process and maintained by the kernel.
In capability-based computer security, a C-list is an array of capabilities, usually associated with a process and maintained by the kernel.
cacls
cacls and icacls are Microsoft Windows native command line utility capable of displaying and modifying Access Control List (ACL) on folders and files.
cacls and icacls are Microsoft Windows native command line utility capable of displaying and modifying Access Control List (ACL) on folders and files.
Capability-based addressing
In computer science, capability-based addressing is a scheme used by some computers to control access to memory.
In computer science, capability-based addressing is a scheme used by some computers to control access to memory.
cgroups
cgroups (control groups) is a Linux kernel feature to limit, account and isolate resource usage (CPU, memory, disk I/O, etc) of process groups.
cgroups (control groups) is a Linux kernel feature to limit, account and isolate resource usage (CPU, memory, disk I/O, etc) of process groups.
chgrp
The chgrp (from change group) command is used by unprivileged users on Unix-like systems to change the group associated with a computer file.
The chgrp (from change group) command is used by unprivileged users on Unix-like systems to change the group associated with a computer file.
chmod
The chmod command is a Unix command that lets a user tell the system how much access it should permit to a file.
The chmod command is a Unix command that lets a user tell the system how much access it should permit to a file.
chown
The chown command (abbreviation for change owner) is used on Unix-like systems to change the owner of a file.
The chown command (abbreviation for change owner) is used on Unix-like systems to change the owner of a file.
End Node Problem
The End Node Problem arises when individual computers are used for sensitive work and/or temporarily become part of a trusted, well-managed network/cloud and then are used for more risky activit...
The End Node Problem arises when individual computers are used for sensitive work and/or temporarily become part of a trusted, well-managed network/cloud and then are used for more risky activit...
Exec Shield
Exec Shield is a project started at Red Hat, Inc in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems.
Exec Shield is a project started at Red Hat, Inc in late 2002 with the aim of reducing the risk of worm or other automated remote attacks on Linux systems.
Executable space protection
In computer security, executable space protection is the marking of memory regions as non-executable, such that an attempt to execute machine code in these regions will cause an exception.
In computer security, executable space protection is the marking of memory regions as non-executable, such that an attempt to execute machine code in these regions will cause an exception.
FLASK
The Flux Advanced Security Kernel (FLASK) is an operating system security architecture that provides flexible support for security policies.
The Flux Advanced Security Kernel (FLASK) is an operating system security architecture that provides flexible support for security policies.
FoxT ServerControl (software)
In computer security, FoxT ServerControl is a proprietary product for the centralized management of user authentication and authorization.
In computer security, FoxT ServerControl is a proprietary product for the centralized management of user authentication and authorization.
FreeBSD
FreeBSD is a free Unix-like operating system descended from AT&T UNIX via BSD UNIX. Although for legal reasons FreeBSD cannot be called "UNIX", as the direct descendant of BSD UNIX (many of whos...
FreeBSD is a free Unix-like operating system descended from AT&T UNIX via BSD UNIX. Although for legal reasons FreeBSD cannot be called "UNIX", as the direct descendant of BSD UNIX (many of whos...
Generic Security Services Application Program Interface
The Generic Security Services Application Program Interface (GSSAPI, also GSS-API) is an application programming interface for programs to access security services.
The Generic Security Services Application Program Interface (GSSAPI, also GSS-API) is an application programming interface for programs to access security services.
grsecurity
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security.
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security.
Hardened Gentoo
Hardened Gentoo is a project of Gentoo Linux that is enhancing the distribution with security addons.
Hardened Gentoo is a project of Gentoo Linux that is enhancing the distribution with security addons.
Immunix
Immunix was a commercial operating system that provided host-based application security solutions.
Immunix was a commercial operating system that provided host-based application security solutions.
kinsmod
kinsmod is a program written by Silvio Cesare which, in the Linux operating system, allows the insertion of a potentially malicious Loadable kernel module by writing to the /dev/kmem device, reg...
kinsmod is a program written by Silvio Cesare which, in the Linux operating system, allows the insertion of a potentially malicious Loadable kernel module by writing to the /dev/kmem device, reg...
libwrap
libwrap is a free software program library that implements generic TCP Wrapper functionality for network service daemons to use (rather than, or in addition to, their own host access control sch...
libwrap is a free software program library that implements generic TCP Wrapper functionality for network service daemons to use (rather than, or in addition to, their own host access control sch...
Lightweight Portable Security
Lightweight Portable Security (LPS) is a Linux LiveCD developed and publicly distributed by the United States Department of Defense’s Software Protection Initiative that is designed to serve as ...
Lightweight Portable Security (LPS) is a Linux LiveCD developed and publicly distributed by the United States Department of Defense’s Software Protection Initiative that is designed to serve as ...
LXC
LXC (Linux Containers) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host.
LXC (Linux Containers) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host.
Mandatory access control
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or ...
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or ...
Microsoft Baseline Security Analyzer
Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and less-secure security settings wit...
Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and less-secure security settings wit...
NX bit
The NX bit, which stands for No eXecute, is a technology used in CPUs to segregate areas of memory for use by either storage of processor instructions (or code) or for storage of data, a...
The NX bit, which stands for No eXecute, is a technology used in CPUs to segregate areas of memory for use by either storage of processor instructions (or code) or for storage of data, a...
OpenBSD
OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution, a Unix derivative developed at the University of California, Berkeley.
OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution, a Unix derivative developed at the University of California, Berkeley.
OpenBSD security features
The OpenBSD operating system is noted for its security focus and for the development of a number of security features.
The OpenBSD operating system is noted for its security focus and for the development of a number of security features.
OpenBSM
OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format.
OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format.
OpenVZ
OpenVZ is an operating system-level virtualization technology based on the Linux kernel and operating system.
OpenVZ is an operating system-level virtualization technology based on the Linux kernel and operating system.
Openwall Project
The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced operating system designed for servers.
The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced operating system designed for servers.
Operating system-level virtualization
Operating system-level virtualization is a server virtualization method where the kernel of an operating system allows for multiple isolated user-space instances, instead of just one.
Operating system-level virtualization is a server virtualization method where the kernel of an operating system allows for multiple isolated user-space instances, instead of just one.
Partitioning Communication System
Partitioning Communication System is an high-assurance computer security architecture based on an information flow separation policy.
Partitioning Communication System is an high-assurance computer security architecture based on an information flow separation policy.
PaX
PaX is a patch for the Linux kernel that implements least privilege protections for memory pages.
PaX is a patch for the Linux kernel that implements least privilege protections for memory pages.
Privilege (computing)
In computing, privilege is defined as the delegation of authority over a computer system.
In computing, privilege is defined as the delegation of authority over a computer system.
Privilege escalation
Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally ...
Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally ...
Process isolation
Process isolation is a set of different hardware and software technologies designed to protect each operating system process from other processes.
Process isolation is a set of different hardware and software technologies designed to protect each operating system process from other processes.
Reference monitor
In operating systems architecture a reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' abi...
In operating systems architecture a reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' abi...
Resource Access Control Facility
RACF, short for Resource Access Control Facility, is an IBM software product.
RACF, short for Resource Access Control Facility, is an IBM software product.
RSBAC
RSBAC (Rule Set Based Access Control) is an open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a).
RSBAC (Rule Set Based Access Control) is an open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a).
runas
In computing, runas is a command in the Microsoft Windows line of operating systems that allows a user to run specific tools and programs with different permissions from those the user's current...
In computing, runas is a command in the Microsoft Windows line of operating systems that allows a user to run specific tools and programs with different permissions from those the user's current...
Sandbox (computer security)
In computer security, a sandbox is a security mechanism for separating running programs.
In computer security, a sandbox is a security mechanism for separating running programs.
Security descriptor
Security descriptors are data structures of security information for securable Windows objects, that is objects that can be identified by a unique name.
Security descriptors are data structures of security information for securable Windows objects, that is objects that can be identified by a unique name.
Security-Enhanced Linux
Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense-style mandator...
Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense-style mandator...
Security-evaluated operating system
In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, such as a B2 or A1 CSC-STD-001-83 "Department of Defense Trusted C...
In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, such as a B2 or A1 CSC-STD-001-83 "Department of Defense Trusted C...
Simplified Mandatory Access Control Kernel
Smack is a Linux kernel security module that provides a mechanism for protecting data and process interaction from malicious manipulation using a set of custom mandatory access control rules pro...
Smack is a Linux kernel security module that provides a mechanism for protecting data and process interaction from malicious manipulation using a set of custom mandatory access control rules pro...
Solaris Trusted Extensions
Solaris Trusted Extensions is a set of security extensions incorporated in the Solaris 10 operating system by Sun Microsystems, featuring a mandatory access control model.
Solaris Trusted Extensions is a set of security extensions incorporated in the Solaris 10 operating system by Sun Microsystems, featuring a mandatory access control model.
Ssh-keygen
SSH-Keygen is a Unix utility that is used to generate, manage, and convert authentication keys for ssh authentication.
SSH-Keygen is a Unix utility that is used to generate, manage, and convert authentication keys for ssh authentication.
Superuser
The superuser is a special user account used for system administration.
The superuser is a special user account used for system administration.
The Amnesic Incognito Live System
The Amnesic Incognito Live System or Tails is a Linux distribution aimed at preserving privacy and anonymity.
The Amnesic Incognito Live System or Tails is a Linux distribution aimed at preserving privacy and anonymity.
Toor
ToorToor (तूर) or Toora/Tura (तुरो) is a gotra found amongst Jats and Rajputs in Punjab and Haryana.mostly toor are leaving in moga,Faridkot and hoshiarpur district in Punjab.TOOR were e...
ToorToor (तूर) or Toora/Tura (तुरो) is a gotra found amongst Jats and Rajputs in Punjab and Haryana.mostly toor are leaving in moga,Faridkot and hoshiarpur district in Punjab.TOOR were e...
Toor (Unix)
Toor, the word "root" spelled backwards, is an alternative superuser account in Unix-like operating systems, particularly BSD and variants.
Toor, the word "root" spelled backwards, is an alternative superuser account in Unix-like operating systems, particularly BSD and variants.
Trusted operating system
Trusted Operating System (TOS) generally refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government...
Trusted Operating System (TOS) generally refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government...
Type enforcement
The concept of type enforcement (TE) in the field of information technology is related to access control.
The concept of type enforcement (TE) in the field of information technology is related to access control.
Unix security
Unix security refers to the means of securing a Unix or Unix-like operating system.
Unix security refers to the means of securing a Unix or Unix-like operating system.
W^X
W^X is the name of a security feature present in the OpenBSD operating system.
W^X is the name of a security feature present in the OpenBSD operating system.