fapolicyd
File Access Policy Daemon (by linux-application-whitelisting)
lkrg
Linux Kernel Runtime Guard (by lkrg-org)
fapolicyd | lkrg | |
---|---|---|
3 | 7 | |
181 | 397 | |
1.6% | 4.3% | |
8.4 | 7.8 | |
5 days ago | 15 days ago | |
C | C | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
fapolicyd
Posts with mentions or reviews of fapolicyd.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-10-04.
- Fapolicy troubleshooting
- fapolicyd should gracefully start despite errors in fapolicyd.conf
-
Best practices for public-facing machines
I'd consider fapolicyd for untrusted guest account systems. It ensures that only applications installed through the package manager can be run, i.e. no downloads of a local exploit and running ./hack on the terminal.
lkrg
Posts with mentions or reviews of lkrg.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-02-16.
-
[Security] Questions about LKRG and Debian hardening-runtime
What's the difference between LKRG and hardening-runtimepackage?
- LKRG – Linux Kernel Runtime Guard
-
Tetragone: A Lesson in Security Fundamentals
Similar concerns affect LKRG. Check out the LKRG bypass article by Alexander Popov for the details.
-
windows kernel patch guard-like for linux ?
I'm not an expert, but I can think of two things related to the integrity of Linux kernel. Linux has the ability to mark itself tainted 1 if you, as example, load proprietary drivers. On the other hand, there's Linux Kernel Runtime Guard (LKRG) 2 that performs integrity check on Linux kernel and detects exploits.
-
Need help with template modification
I'll try to make this as succinct as possible. I use the Linux Kernel Runtime Guard with my kernel as a security measure, and I use xbps-src to compile the kernel myself.
- Linux Kernel Runtime Guard (LKRG)
- Linux Kernel Runtime Guard
What are some alternatives?
When comparing fapolicyd and lkrg you can also consider the following projects:
ebpfkit - ebpfkit is a rootkit powered by eBPF