tpe-lkm is a Linux kernel module implementing Trusted Path Execution, a security feature that denies users from executing programs that are not owned by root, or are writable. This closes the door on a whole category of exploits where a malicious user tries to execute his or her own code to hack the system. Since the module doesn't use any kind of ACLs, it works out of the box with no configuration. It isn't complicated to test or deploy to current production systems. The module also has a few other grsecurity-inspired features implemented as "extras".
Be the first to post a review of Trusted Path Execution LKM!