Skip to Main Content
Linux is an open source operating system that is rapidly gaining popularity in consumer electronic devices, especially in digital audio and video devices. However, with its success in the market, there is a greater need for security. We present a Trojan attack scenario that compromises the security of a Linux-based networked appliance. Then, we demonstrate how a simple low water-mark mandatory access control (LOMAC) module can protect the system against such attacks. However, LOMAC implements this access control by interposition at the kernel's system call interface and uses implicit attribute mapping to map security attributes to files, which is invasive. We present a LOMAC implementation as a Linux security module (LSM), a new framework for providing standard interfaces to loadable security modules for the Linux kernel.