Linked by Rahul on Tue 10th Mar 2009 23:26 UTC
Mark Cox, Red Hat's director of security response, has published his usual risk report, which includes very detailed statistics and other information on security issues and how they were handled in Red Hat Enterprise Linux 4. Red Hat remains the only OS vendor to directly publish such information and provide the raw data as well. "Red Hat is continually developing technologies to help reduce the risk of security threats, and a number of these were consolidated into Red Hat Enterprise Linux 4. The most significant technologies were SELinux and Exec-Shield. Exec-Shield is a project which includes support for the No eXecute (NX) memory permission, simulating NX via segment limits, Position Independent Executables (PIE), gcc, and glibc hardening. For more details, a table of the major security technology innovations in Enterprise 4 is available."