CH 10 Kernel Security Risk Mitigation Key Terms
Meta package
A Linux package that refers to other packages - For example, linux-image is a meta package that refers to the latest version of the generic kernel built for Ubuntu
Simplified mandatory access control kernel (SMACK)
A Linux security module for mandatory access control - Functionally similar to SELinux and AppArmor
TOMOYO
A Linux security module for mandatory access control - Functionally similar to SELinux and AppArmor
Itanium
A family of 64-bit CPUs developed by Intel. - Red Hat supported ________ CPUs through Red Hat Enterprise Linux 5, but will not continue support in later releases.
Paravirtualization
A scenario in which software is installed on the guest operating system such that the guest operating system is aware that it is operating inside a virtual system - If this helper software is not installed, the guest cannot function
iSeries
An IBM system that uses IBM Performance Optimization With Enhanced RISC (POWER) CPUs
Mangled
Describes a network packet with modified headers
Spoofed
Describes a network transmission with a false source address
Linux security modules (LSMs)
Frameworks for security support within the Linux kernel, associated with mandatory access control - Examples of LSMs include SELinux and AppArmor
Martian packets
Packets with an impossible source or destination address - For example, a packet from the Internet with a source address of a private IP address network is a Martian packet
pSeries
The IBM Reduced Instruction Set Computing (RISC) server and workstation product line designed for Unix systems - Some Red Hat Enterprise Linux releases are built for this
Greg Kroah-Hartman
The Linux kernel developer responsible for the release of stable kernels
Linus Torvalds
The developer of the first Linux kernel and the current leader of Linux kernel developers
Stock kernel
The kernel developed and released by the Linux Kernel Organization without any additional alterations by distribution developers
Backport
to implement features from newer kernel versions into an older kernel version