Trusted Path Execution (TPE) Linux Kernel Module

A side-project I’ve been working on for enhanced security in distribution kernels. Trusted Path Execution (TPE) is a feature that basically denies users the ability to execute programs that are not owned by the root user, or that they can write to. This prevents all kinds of exploits that would have otherwise rooted your system.

You can find the source code for this work-in-progress here:

https://github.com/cormander/tpe-lkm

Right now it’s simply “proof of concept” code, and not entirely functional. It only works on 64bit systems, and doesn’t currently cover the ability to mark pages executable by mmap and mprotect.

This is coded as a kernel module so people don’t have to recompile their whole kernel in order to use it. If you’d like to contribute code to this module, I would greatly appriciate the help.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>