Computer Associates has contributed a significant piece of widgetry it calls K-Gem to the Linux kernel that should put Linux in the running for B1 security clearance by "hardening" it.
K-Gem, short for Kernel General Event Module, will also simplify the lives of other ISVs by curing the "hooking nightmare" that has haunted Linux, according CA Linux chief Sam Greenblatt.
Linux developers will no longer have to intrude on the kernel and modify it to accomplish something as seemingly basic as event notification.
K-Gem will standardize the event notification process, tell the kernel that, say, someone wants to open a file and in turn pass that "event" to a security module such as CA's own eTrust Access Control for access authorization.
Up until now - and remember Linux wasn't originally conceived of as a commercial operating system - ISVs and concerns like Linux backers IBM and HP developed their own real-time event monitoring schemes, a complicated enough process, but because there were so many cooks in the kitchen, so to speak, it made Linux insecure.
Computer Associates has essentially walled off the Linux kernel from goodness knows what kind of code and provided other ISVs with automatic event notification.
The development puts Linux on a footing with, say, Sun's Solaris, which has had built-in event notification for a dog's age.
The 25,000 lines of K-Gem code have been turned over to Linux maintainer Andrew Morton, the number-two guy in Linux development next to creator Linus Torvalds and the guy responsible for the Linux production kernel.
Once K-Gem is cleared by Linux.org, the Linux development crew, it will become part of the kernel, probably by August when the Linux kernel 2.6.8 is scheduled to go gold.
Because K-Gem touches the kernel, CA is releasing it under the GPL, putting the company on the side of the angels in the eyes of the open source community.
The development, however, does not mean that CA has turned into a charitable institution. It expects to make a buck off eTrust Access Control.
- Maureen O'Gara is editor-in-chief of Maureen O'Gara's LinuxGram(TM) - published weekly by G2 Computer Intelligence and distributed by Linux Business Week.