BOSTON: How does Red Hat go about building and developing a secure Linux operating system? That question was asked and answered at the Red Hat Summit this week by Josh Bressers, who heads the Red Hat Product Security Team.

Bressers explained that the security process involves both manual and automated activities for quality assurance. Linux is further reinforced with what Dan Walsh, senior principal software engineer at Red Hat, called a "silver bullet" for Linux security: SELinux.

"We have this unbelievable code that sees if someone is doing something stupid," Walsh said.


SELinux, which provides mandatory access controls, was originally developed by the NSA. It has been part of Red Hat Enterprise Linux since the 4.0 release.

Open Source Security Challenges

Unlike a proprietary model of software development, open source is by definition open. Code, whether it is good, bad or indifferent, is there for all to see and expose. Whether security risks can ever be eliminated entirely is a question that Linux will likely not solve.

"It's not a solvable problem. As long as humans write code there will be bugs," Bressers said. "The problem we suffer from in the land of open source is the emperor is naked and we can't sneak bug fixes in."

The fact that bug fixes can't be "sneaked in" provides a high degree of transparency, though it can also potentially make Linux look worse in terms of security when compared to proprietary operating systems.

While security flaws cannot be entirely eliminated, certain classes of flaws can be. For example, Bressers is optimistic about the ability to eliminate stack overflow vulnerabilities. Newer versions of the GCC compiler provide a degree of protection for developers to help make sure that such issues don't exist in compiled code.

"We can't fix people," Bressers said. "I can train out the stupid, but people will still make mistakes that tools can hopefully catch."

Red Hat is also trying to limit risk with additional sandboxing of running applications. Walsh noted that it's possible to require applications to live in their own sandboxed area.

"We really want to have multiple fences for the hacker to jump over," Walsh said.

Sean Michael Kerner is a senior editor at eSecurity Planet and InternetNews.com. Follow him on Twitter @TechJournalist.