Definitions

B

bastion host
An intermediate system that can reach other systems, usually used to prevent direct connections and to enforce stricter communication paths. Alternative names: jump host, jump server, jump box.

C

capability
Specific functionality within the Linux kernel, such as changing file ownership or changing the time clock.
capability bounding set
Maximum set of capabilities a process is allowed to have
control group
Set of tasks and their future children that is aggregated into hierarchical groups, to allow allocating resources (e.g. CPU time, memory, network bandwidth)
core dump
File containing address space (memory) information of a process when it terminates unexpectedly

E

exploit
Commands that may trigger a bug or vulnerability in software or cause unexpected behavior, with the goal of crashing the software or making it perform unanticipated actions

F

falseticker
A time clock server that was identified as unreliable by statistical filtering

I

initrd
Short for initial RAM disk, a mechanism used by Linux to load a temporary root file system into memory, so it can be used during the startup process. It helps to get the right hardware support loaded, so that the actual root file system can be mounted and used. Initrd is also called early userspace, as it sits in between the kernel and userspace.

L

LUKS
Short for 'Linux Unified Key Setup', a disk encryption specification to encrypt disk blocks.

M

multi-call binary
A binary or tool that provides multiple different services, depending on the name it is started with

N

nonce
Arbitrary number that may only be used once, often used to reduce the risk of replay attacks.

P

personality
Linux uses the personality(2) system call to get or set the personality for a process, which is a kernel execution domain. This personality support may allow running binaries for other platforms, change how signal numbers are mapped to their related actions, or set memory behaviour.
pseudo-device
A device, typically in /dev, that is not linked to a physical device. Examples include /dev/null, /dev/random, and /dev/zero.

S

syscall
Short for system call, an interface between the Linux kernel and userspace; allows processes to communicate and request resources.

J

journal
System service to collect and store logging data. Related service name is systemd-journal.

U

umask
Numeric value to define the default file creation permissions
userspace
Memory area for normal applications and some drivers, usually with one address space per process
UUID
Short for 'Universally Unique Identifier', a 128-bit value used to uniquely identify an object or entity, such as a system or disk