It looks like the NSA is going to throw some funds at Linux to help tighten up its security. The NSA is interested in a version of Linux that is kept more secure by restraining programs so they have only the bare minimum of privileges required to do their jobs. That would make it harder for attackers to take advantage of "buffer overrun" or "format string" vulnerabilities. The NSA awarded the two-year, $1.2 million contract to the PGP Security division of the Santa Clara, Calif.-based company, Network Associates announced Monday. The company will add more security features into a version of Linux the NSA already has paid for called "Security-Enhanced Linux" (
SELinux).
For more information, visit the following link.