Projects / Medusa DS9

Medusa DS9

Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets. It contains the whole logic and implements the concrete security policy. That means that Medusa can implement any model of data protection; it depends only on configuration file, which is in fact a program in the internal programming language, somewhat similiar to C.

Operating Systems

Recent releases

  •  16 Apr 2002 13:29

    Release Notes: This release contains a patch for the 2.4.18 kernel, has modified support for Linux capabilities to make them actually work, fixes the filesystem code to correctly walk through mountpoints, disallows sending SIGSTOP and SIGTSTP to constable, and contains few other minor fixes, cleanups, and improvements.

    •  22 Nov 2001 16:38

      Release Notes: This release is a preparation for the next generation of the authorisation server. It includes changes in the FORK event, new START event, improved startup behaviour by setting defaults to all processes, changes required to implement RBAC, and a bunch of bugfixes. Kernel patches have been upgraded to 2.2.20 and 2.4.14 kernels.

      •  18 Sep 2001 18:16

        Release Notes: A hardlink bug on 2.4 kernels has been fixed.

        •  10 Aug 2001 15:34

          Release Notes: Several bugs found in the alpha release were fixed. This version contains Constable and the VS monitor (kernel patch) for Linux 2.2.19 and 2.4.7.

          •  03 Aug 2001 23:22

            Release Notes: Improved code that handles privilege elevation during execve(), addition of several missing permission checks to System V IPC code, some bugfixes in VFS code, and 2.4.x kernel support (alpha).

            Recent comments

            26 Apr 2000 13:54 kubiki

            protected system by medusa
            This is perfect software to protect your linux system.
            Even it allows you to protect against inadvertent commands like 'rm -rf /' and so on. In case of hacking system medusa can protect itself, because it supports protection of processes against killing (generally send any signal to any proces) thus it remains only one way to disable medusa, to get to the console.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.