Footnotes

and more exactly : it runs in Linux. It's a kernel patch

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... POST ^1.2

Power On Self Test. Auto-test of different physical components of the computer : chips, processor(s), memory, etc.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... medium ^1.3

This is an often forgotten vulnerability. You must be sure that the computer can't boot on another medium (disk, cd-rom) than the one you wanted, for example by using the correct BIOS parameters, or by removing the floppy driver.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... loaders ^1.4

Don't forget to put a password to lilo!

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... boot ^1.5

We suppose that the boot loader, the kernel and the init process are not compromised. If we prove that they can't be compromised while the box is working, we prove by induction that they won't be compromised for every future boot sequence. The initial point where these part are not compromised is the moment after the securisation of the box and before its first working day.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... interactions ^1.6

We can't elimate them as the major part makes the whole job of the box : serving web pages, firewalling, ...

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... execute''^1.7

And not ``who init must not execute''

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... ACL ^1.8

Access Control Lists

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... partial ^1.9

$s_1 \neq s_2 \nRightarrow \left( s_1 \prec s_2 \text{ or } s_2 \prec s_1 \right)$

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... element ^1.10

is minimal $\Leftrightarrow \{s\in\Sigma ~\vert~ s\prec s_m\}=\varnothing$

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... capabilities ^2.1

Please see linux/include/linux/capability.h for a complete and up to date description of these capabilities

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... LFS ^2.2

LIDS-free session. See chapter

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... relation ^3.1

An equivalence relation must verify

$\displaystyle \forall x$		$\displaystyle x \mathcal{R}x$
$\displaystyle x \mathcal{R}y$	$\displaystyle \Rightarrow$	$\displaystyle y \mathcal{R}x$
$\displaystyle x \mathcal{R}y$ and $\displaystyle y \mathcal{R}z$	$\displaystyle \Rightarrow$	$\displaystyle x \mathcal{R}z$

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... master ^6.1

See LIDS_LFS_MASTER in section

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

...DNA ^8.1

Direct Network Access : code used for LIDS to access network directly from the kernel, without any user space code support, to send mails or logs to remote syslog daemons.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... thread ^8.2

a process that is created by the kernel, and that run in kernel space

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... value ^9.1

an empty set for EMPTY_SET, a full set for FULL_SET, and the corresponding bit to 1 for any other

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... ones ^9.2

ie the closest parent which is a NODE in lids.conf

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... correct ^9.3

maybe using vrfy

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... sequence ^9.4

See the BOOT_TIME option in section

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... IP ^10.1

in hexadecimal format. For example, 127.0.0.1 will be 0100007f

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

">... IP^10.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... twice ^10.1

This permit lidsadm to encode the password once internally before sending it to the kernel, so that an interception out of lidsadm does not reveal it.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... DNA ^12.1

Direct Network Access : code used for LIDS to access network directly from the kernel, without any user space code support, to send mails or logs to remote syslog daemons.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... code ^12.2

ask also for its message queue size

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... trust ^12.3

if not, the password field must be given as a compilation time option, as it used to be before

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

...parent^16.1

parent is current

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... tags ^16.2

i.e. lids_caps_s with a positive tag field

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

...LIDS_OUTLAW^16.3

the access is granted regardless of the permissions. See section

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.