The traditional way of handling permissions in Linux involves exactly two process types: Privileged and unprivileged processes. When disregarding capabilities, a process is privileged in case the effective UID is equal to 0 – providing permissions commonly referred to as root privileges. The Linux kernel makes a sharp distinction between privileged and unprivileged processes. For example, privileged processes are allowed to bypass various kernel permission checks. This results in a severe security violation in case untrusted applications are allowed to run with root privileges. Because of the security concerns resulting from this, capabilities have been introduced starting from kernel version 2.2.
With the steadily growing spread of containerization now and in the future, it becomes increasingly necessary to properly understand the internals and potential security threats resulting from aspects like kernel vulnerabilities, container misconfigurations and wrong use. This also includes optimizing the process of deploying and distributing containers and their environments to increase the productivity and efficiency, which directly impacts the cost factor. There are many ways containerization can be implemented - this blog post series focusses on Linux namespaces and control groups. These features are currently being used by LXC and Docker.
In this article I am going to highlight some of the issues concerning the current state of post quantum cryptography. This article is written for readers who want a high level overview and are not much concerned with technical details.
The first part explains how security of cryptographic algorithms is determined in theory. Next, the notion of post quantum cryptography is introduced. Eventually, selected aspects if one decides to use post quantum cryptography are highlighted.