Find the answer to your Linux question:

View Poll Results: How useful do you think these kernel security features would be?

Voters
5. You may not vote on this poll
  • Very useful

    1 20.00%
  • Kinda useful

    1 20.00%
  • Not very useful

    0 0%
  • Completely useless

    3 60.00%
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 14
Hi everyone, I found a Slashdot article today regarding a pretty neat kernel security feature in Windows Vista and thought that the idea may be embraced by the Linux community ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2007
    Posts
    8

    Talking Wouldn't this kernel security feature be useful?


    Hi everyone, I found a Slashdot article today regarding a pretty neat kernel security feature in Windows Vista and thought that the idea may be embraced by the Linux community as well. Here is the article:

    An anonymous reader writes to mention that in the final part of his three part series, Mark Russinovich wraps up his look at changes made in the Windows Vista Kernel by exploring advancements in reliability, recovery, and security. "Applications written for Windows Vista can, with very little effort, gain automatic error recovery capabilities by using the new transactional support in NTFS and the registry with the Kernel Transaction Manager. When an application wants to make a number of related changes, it can either create a Distributed Transaction Coordinator (DTC) transaction and a KTM transaction handle, or create a KTM handle directly and associate the modifications of the files and registry keys with the transaction. If all the changes succeed, the application commits the transaction and the changes are applied, but at any time up to that point the application can roll back the transaction and the changes are then discarded."
    You can read the whole thing and the comments here:

    <http://it.slashdot.org/article.pl?si...32216&from=rss>

    I was wondering if this particular feature existed in the Linux kernel as a module or perhaps built into the kernel. If not, maybe it ought to be? Just figured it was a novel idea and may contribute to the already impressive security facilities of the Linux kernel.

    Any ideas, critisisms and thoughts are welcome!

    GO LINUX!!!

  2. #2
    Linux Enthusiast likwid's Avatar
    Join Date
    Dec 2006
    Location
    MA
    Posts
    649
    Doesn't make any sense in context of linux.

  3. #3
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,133
    I thought there was functionality similar to this already? I did a quick google but I'm not really sure what search terms to use. Has anyone else heard of anything like this? Does inotify have something like this?

  4. #4
    Just Joined!
    Join Date
    Mar 2007
    Posts
    8

    Thumbs up Hmmmm, interesting...

    This is becomming a hot topic at school, some of the students in my class are actually thinking of messing with there kernel source to try this out! In any case, I'll try to dig up some more details on this and post them to the forum.

    As far as the post claiming that this technology doesn't have a place in the context of Linux, I would respectfully disagree... How many of the thousands of packages for Linux actually were originally thought to belong in the context of Linux? It's the concept that we are interested in and the idea that it may improve, benefit, or add functionality to the already impressive Linux kernel.

    Most proprietary technologies developed by private companies probably didn't belong in the context of Linux right off the bat, but were adopted and fostered by Linux users anyway and either proved their worth, or diminished over time.

    This is a great discussion and I will add more information where I find it

    Thanks for the great perspectives on this issue everyone.

  5. #5
    Just Joined!
    Join Date
    Mar 2007
    Posts
    8

    Post What transactions are all about...

    Quoted from Wikipedia's article on Database Transactions:

    n database products the ability to handle transactions allows the user to ensure that integrity of a database is maintained.

    A single transaction might require several queries, each reading and/or writing information in the database. When this happens it is usually important to be sure that the database is not left with only some of the queries carried out. For example, when doing a money transfer, if the money was debited from one account, it is important that it also be credited to the depositing account. Also, transactions should not interfere with each other. For more information about desirable transaction properties, see ACID.

    A simple transaction is usually issued to the database system in a language like SQL in this form:

    1. Begin the transaction
    2. Execute several queries (although any updates to the database aren't actually visible to the outside world yet)
    3. Commit the transaction (updates become visible if the transaction is successful)

    If one of the queries fails the database system may rollback either the entire transaction or just the failed query. This behaviour is dependent on the DBMS in use and how it is set up. The transaction can also be rolled back manually at any time before the commit.
    http://en.wikipedia.org/wiki/Databas...of_transaction

    Now, I know this is for databases, but it really helps illustrate what Microsoft is trying to do for applications.

    From what I understand, and correct me if I'm wrong, the new transactional nature of Vista will make sure that all tasks that a program wants to perform are completed successfully before committing changes to memory and disk drives. Also, I'm assuming that the transaction mechanism would keep track of all interim changes that it makes to memory and disks so that it knows what to roll back and in which order to roll things back.

    Possible and useful for Linux? That is the question

    I'm gonna check out inotify right now...

    Thanks for all the discussion everyone!

  6. #6
    Linux Guru antidrugue's Avatar
    Join Date
    Oct 2005
    Location
    Montreal, Canada
    Posts
    3,211
    This seems to be a feature of the newest version of NTFS. Also, it is already implemented in Linux, part of the Reiser4 filesystem. At least according to the wikipedia article you linked.
    "To express yourself in freedom, you must die to everything of yesterday. From the 'old', you derive security; from the 'new', you gain the flow."

    -Bruce Lee

  7. #7
    Just Joined!
    Join Date
    Mar 2007
    Posts
    8

    Red face Not to it's full potential

    So, that handles the filesystem part of things, how's 'bout the memory part of things and perhaps stack and register rollback functionality? Eh?! eh!????

    Just kidding Good points, though I still don't believe that it's being implemented to it's full potential. If there are anymore suggestions, they are welcomed.

  8. #8
    Linux Enthusiast likwid's Avatar
    Join Date
    Dec 2006
    Location
    MA
    Posts
    649
    Well I kinda filtered out the filesystem part when I first read it, now a re-read seems to make more sense.

    I would think this is something RSBAC can already kind of do, from a security standpoint at least.

  9. #9
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    When an application wants to make a number of related changes, it can either create a Distributed Transaction Coordinator (DTC) transaction and a KTM transaction handle, or create a KTM handle directly and associate the modifications of the files and registry keys with the transaction.
    This is also referred to as a logical transaction. (i.e. Everything related to the transaction gets the change applied, or in the event of an error it gets rolled back and nothing related to the transaction gets the change applied.)

    If I'm reading your quote correctly, the purpose of this is to keep files and their associated Windows registry keys in sync.

    GNU/Linux does not use a Windows registry.

  10. #10
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    P.S. How does this qualify as a "security feature"?

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •