A side-project I’ve been working on for enhanced security in distribution kernels. Trusted Path Execution (TPE) is a feature that basically denies users the ability to execute programs that are not owned by the root user, or that they can write to. This prevents all kinds of exploits that would have otherwise rooted your system.
You can find the source code for this work-in-progress here:
Right now it’s simply “proof of concept” code, and not entirely functional. It only works on 64bit systems, and doesn’t currently cover the ability to mark pages executable by mmap and mprotect.
This is coded as a kernel module so people don’t have to recompile their whole kernel in order to use it. If you’d like to contribute code to this module, I would greatly appriciate the help.