A project called Medusa provides a Linux kernel patch that intercepts certain kernel routines and queries an extra-kernel security provider. While this is similar to PAM, it has a number of advantages. First and foremost, applications are ignorant of the security system; they don't have to be specially coded to take advantage of the system. Second, security applies to a wide range of system resources, with a high level of granularity. Medusa, therefore, provides not only file-level access control, but can also be configured to control access to processes, or virtually any other system resource.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
