Integrity

From Gentoo Wiki
Jump to:navigation Jump to:search

Integrity is a Gentoo Hardened subproject aiming for the integration of off-line system integrity technologies within Gentoo.

This project will support the Linux IMA/EVM technology within Gentoo Linux, which perform integrity checks during boot. The primary focus is to prevent tampering of files, settings and images: when this occurs, the boot-up of the system detects the tampering and refuses to load further (or report this to the administrator). The project will support the necessary kernel patches, utilities and documentation. The goal is to make off-line integrity checks, compliance checks and reporting available to the wider public.

Next to the integrity subsystem within Linux (IMA/EVM), this project will also support the various trusted computing technologies (such as TPM support) through well-documented guides and tools.

Integrity resources

About IMA and EVM

Intrusion Detection Systems

  • AIDE is the Advanced Intrusion Detection Environment and is a simple yet powerful method for online or offline integrity scanning.

Limitations

Online tampering detection support is a later goal. Other integrity-related technologies, compliance checks and reporting technologies will also be supported sometime in the future. Also see qcheck for portage related on-line integrity checking.

See also