Linux Security for DevOps

With security getting more and more attention, we focus on Linux security for DevOps. Also DevOps will need hardening, auditing and dealing with compliance.

Summary of Linux Security for DevOps

During the last years the role of DevOps evolved. This person could be described as the hybrid: a system administrator with development skills, or the developer which is also infrastructure savvy. With Linux and so many available tooling, it is becoming easier for people to learn both development and managing infrastructures. We are especially interested in Linux security for DevOps and what they can apply. Automation is key Repeating work is not only boring, but also a waste of time.

Read the full article…

Protect against ptrace of processes: kernel.yama.ptrace_scope

Using the Linux Security Module (LSM) Yama we can protect the system against the usage of ptrace. The sysctl key kernel.yama.ptrace_scope sets the behavior.

Summary of Protect against ptrace of processes: kernel.yama.ptrace_scope

Hardening the kernel with kernel.yama.ptrace_scope Ptrace is a great troubleshooting tool for developers to determine how a process functions. It can be used to find programming flaws, like memory leakage. On the other hand, the tool also be used by people with malicious intent. For example to debug a process as a non-privileged user and find the contents of application memory. Yama Linux has the ability to include Linux Security Modules, to provide additional features with the means of a module.

Read the full article…

Secure Software Development: CII Best Practices

Best Practices from the Core Infrastructure Initiative help with creating more security open source software projects. Learn what they do and how it can help your project.

Summary of Secure Software Development: CII Best Practices

Last month the Core Infrastructure Initiative, or CII, launched their CII best practices project. Its primary goal is to gamify the process of building more secure software. Let’s have a look at the project, and how it can help. Open Source and Security If we look in the open source world of software, we see that many projects were created by volunteers. While doing this voluntary, this doesn’t say anything about the quality of the project.

Read the full article…

The 101 of ELF files on Linux: Understanding and Analysis

An step-by-step introduction into ELF files. Learn the structure and format, to understand how binaries and libraries on Linux systems work.

Summary of The 101 of ELF files on Linux: Understanding and Analysis

Some of the true craftsmanship in the world we take for granted. One of these things is the common tools on Linux, like ps and ls. Even though the commands might be perceived as simple, there is more to it when looking under the hood. This is where ELF or the Executable and Linkable Format comes in. A file format that used a lot, yet truly understood by only a few.

Read the full article…

Why we use your open source project (or not)

Here are the most common mistakes made by open source projects, and tips on how to avoid them. Get more users with the right promotion!

Summary of Why we use your open source project (or not)

While ‘shopping’ for some libraries, it struck me how many open source software projects are suffering from basic mistakes. Well, mistakes might sound too harsh. What I mean are those things you find on a project, which could be better. They are usually things not considered by the developer, as we (developers) were never told about them. Doing 20+ years of open source development now, I can safely say I made many mistakes.

Read the full article…