Linux Kernel Runtime Guard : pi3 blog

I’m happy to announce that my moonlight project is finally released. Thanks to Alexander Peslyak (a.k.a. Solar Designer) it is available through Openwall.

Linux Kernel Runtime Guard (LKRG) is a loadable kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel. As controversial as this concept is, LKRG attempts to post-detect and hopefully promptly respond to unauthorized modifications to the running Linux kernel (integrity checking) or to credentials (such as user IDs) of the running processes (exploit detection). For process credentials, LKRG attempts to detect the exploit and take action before the kernel would grant the process access (such as open a file) based on the unauthorized credentials. You can download the current experimental version of LKRG at its brand new homepage:

http://www.openwall.com/lkrg/

LKRG has been in (re-)development for a couple of years, and builds upon one of my prior’s experience with a related project in 2011 (for CERN).

Official announcement had been made by Openwall and it can be read here:
http://www.openwall.com/lists/announce/2018/01/29/1

A lot of useful technical information about LKRG can be found on Openwall wiki page:
http://openwall.info/wiki/p_lkrg/Main

If you would like to support LKRG, you are very welcome to do so 😉 It can be done via Patreon website here:
https://www.patreon.com/p_lkrg

Best regards,
Adam ‘pi3’ Zabrocki

Comments

  1. Kamil on 02.03.2018

    Nice one. However: https://i.imgur.com/XCm96r3.png

  2. pi3 on 02.04.2018

    Quite funny 😉

  3. pi3 on 02.04.2018

    Btw. I would appreciate If you could report this website as “inappropriately blocked” 🙂

    Thanks,
    Adam

  4. Carl on 02.07.2018

    Interesting though

Leave a Reply




CAPTCHA * Time limit is exhausted. Please reload the CAPTCHA.