Kernel
The Linux kernel consists of a massive code base, ranging from device internals up to external interfaces. Not surprisingly, the kernel also needs attention to security principles to avoid common programming or configuration flaws. This section covers the kernel, from tuning it via sysctl up to frameworks that may help improve the security of the kernel itself.
Capabilities
Everything related to Linux capabilities, like articles and an overview of the available capabilities.
Overview of Linux syscalls
An overview of the available syscalls, or system functions, that allow processes to communicate with the kernel.
Sysctl
Learn about the sysctl command and how it can help with kernel tunables to alter the system configuration and perform additional security hardening.
Frequently Asked Questions
What is the difference between /dev/random and /dev/urandom?
The quality of random data from /dev/random is much higher than that from /dev/urandom, at the cost of availability of random data, especially early during boot. Typically, /dev/urandom is the preferred source to retrieve random data.
What is a tainted kernel?
The Linux kernel is marked as tainted when a specific event has happened that could impact reliable troubleshooting of kernel issues.
How to find the cause of a tainted Linux kernel?
Run the dmesg or journalctl command and search for 'tainted'.
dmesg | grep -i tainted