Making a Linux Apps Secured and Resilient


(T) For the last two products that I started, the operating system of the equipment was a Linux kernel. Most network equipment vendors have been switching recently from VxWorks from WindRiver to either Linux or FreeBSD. At the exception of Cisco Systems who designed its IOS XR with QNX.

Two challenges that I encountered in that process was to ensure that the Linux application was first secured and second resilient. Following is the result on some research that I did on that topics.

Hardening Linux

The best way to harden Linux is to run Bastille Linux. Bastille Linux includes a number of PERL scripts that provide the following services:
    . Firewall (;
. Patch;
. File permissions;Account management;
. Boot security;
. Secure Internet services;
. Disable compiler for users;
. User mode restrictions;
. Logging;
. And a few other services such as: SSH.
Bastille Linux is optimized for RedHat but can run for other Linux (SuSE). It provides as well an interactive tool ( that asks questions about what needs to be enabled and configured for a balance between the security and the functionality requirements of the application.

Hardening the Linux Application

Novell has created a tool called AppArmor that provides a set of policies to harden a Linux application. AppArmor profiles the application actions and accesses. When that profile is done, the application is basically locked to operate accordingly to that profile. AppArmor is optimized for SuSe.

The NSA has developed an equivalent to AppArmor: SELinux (Security Enhanced Linux). SELinux is integrated into Red Hat Enterprise Linux (RHEL) but it looks to me that AppArmor is a much better tool.

Encrypting the Linux File System

IBM has developed eCryptfs that provides a very good way to encrypt files on Linux. More can be found on the IBM Web site or on

IPSec in Linux

There is an implementation of IPSec ESP/IKE for Linux called FreeSwan that is pretty popular in case the application needs to exchange securely data using IPSec.

Linux for Common Criteria

IBM has worked on configuring Linux for common criteria.
Read more in IBM Linux Security.

Resilient Linux Application

It looks to me that there are a couple of technologies that enables to have a resilient Linux application without having to redefine a new protocol.

First Approach: Working on The Data
Data could be part of the application or could be shared between the primary and the backup server using iSCSI. Disk mirroring could be used for the disk using DRBD (Distributed Replicated Block).

Second Approach: Working on The Application
Two options:
Using a Virtual Machine: Xen VM monitor seems to be the leading tool.
Using some HA tools: Heartbeat which provides a clustering API for the application (network/file/disk).

Linux XML RDBMS (Although not about security)

IBM has a Linux version of DB2 which database engine has two interfaces: a relational one and an XML one. Available in IBM DB2 V9.1. That pretty cool to develop management applications. I wish that could be also available for MySQL.

Copyright © 2005-2007 by Serge-Paul Carrasco. All rights reserved.
Contact Us: asvinsider at gmail dot com.