DOCSLIB.ORG

CIS Ubuntu Linux 18.04 LTS Benchmark

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CIS Ubuntu Linux 18.04 LTS Benchmark CIS Ubuntu Linux 18.04 LTS Benchmark v2.0.1 - 01-03-2020 Terms of Use Please see the below link for our current terms of use: https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/ 1 | P a g e Table of Contents Terms of Use ........................................................................................................................................................... 1 Overview ............................................................................................................................................................... 13 Intended Audience ........................................................................................................................................ 13 Consensus Guidance ..................................................................................................................................... 13 Typographical Conventions ...................................................................................................................... 15 Scoring Information ..................................................................................................................................... 15 Profile Definitions ......................................................................................................................................... 16 Acknowledgements ...................................................................................................................................... 17 Recommendations ............................................................................................................................................. 19 1 Initial Setup .................................................................................................................................................. 20 1.1 Filesystem Configuration ............................................................................................................... 21 1.1.1 Disable unused filesystems ................................................................................................... 22 1.1.1.1 Ensure mounting of cramfs filesystems is disabled (Scored) ......................... 23 1.1.1.2 Ensure mounting of freevxfs filesystems is disabled (Scored) ....................... 25 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled (Scored) .............................. 27 1.1.1.4 Ensure mounting of hfs filesystems is disabled (Scored) ................................. 29 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled (Scored) ........................ 31 1.1.1.6 Ensure mounting of squashfs filesystems is disabled (Scored) ..................... 33 1.1.1.7 Ensure mounting of udf filesystems is disabled (Scored) ................................ 35 1.1.1.8 Ensure mounting of FAT filesystems is limited (Not Scored) ......................... 37 1.1.2 Ensure /tmp is configured (Scored) ............................................................................. 39 1.1.3 Ensure nodev option set on /tmp partition (Scored) ............................................ 42 1.1.4 Ensure nosuid option set on /tmp partition (Scored) ........................................... 44 1.1.5 Ensure noexec option set on /tmp partition (Scored) .......................................... 46 1.1.6 Ensure separate partition exists for /var (Scored)................................................. 48 1.1.7 Ensure separate partition exists for /var/tmp (Scored) ...................................... 50 1.1.8 Ensure nodev option set on /var/tmp partition (Scored) ................................... 52 1.1.9 Ensure nosuid option set on /var/tmp partition (Scored) .................................. 53 1.1.10 Ensure noexec option set on /var/tmp partition (Scored) ............................... 54 2 | P a g e 1.1.11 Ensure separate partition exists for /var/log (Scored) ..................................... 55 1.1.12 Ensure separate partition exists for /var/log/audit (Scored) ......................... 57 1.1.13 Ensure separate partition exists for /home (Scored) ......................................... 59 1.1.14 Ensure nodev option set on /home partition (Scored) ...................................... 61 1.1.15 Ensure nodev option set on /dev/shm partition (Scored) ............................... 62 1.1.16 Ensure nosuid option set on /dev/shm partition (Scored) .............................. 64 1.1.17 Ensure noexec option set on /dev/shm partition (Scored) .............................. 66 1.1.18 Ensure nodev option set on removable media partitions (Not Scored) ...... 68 1.1.19 Ensure nosuid option set on removable media partitions (Not Scored) ..... 69 1.1.20 Ensure noexec option set on removable media partitions (Not Scored) ..... 70 1.1.21 Ensure sticky bit is set on all world-writable directories (Scored) ............... 71 1.1.22 Disable Automounting (Scored) .................................................................................. 73 1.1.23 Disable USB Storage (Scored) ....................................................................................... 75 1.2 Configure Software Updates ......................................................................................................... 77 1.2.1 Ensure package manager repositories are configured (Not Scored) ............... 78 1.2.2 Ensure GPG keys are configured (Not Scored) ......................................................... 79 1.3 Configure sudo ................................................................................................................................... 80 1.3.1 Ensure sudo is installed (Scored) .................................................................................. 81 1.3.2 Ensure sudo commands use pty (Scored) .................................................................. 83 1.3.3 Ensure sudo log file exists (Scored) .............................................................................. 84 1.4 Filesystem Integrity Checking ...................................................................................................... 85 1.4.1 Ensure AIDE is installed (Scored) .................................................................................. 86 1.4.2 Ensure filesystem integrity is regularly checked (Scored) .................................. 88 1.5 Secure Boot Settings ........................................................................................................................ 90 1.5.1 Ensure permissions on bootloader config are configured (Scored) ................ 91 1.5.2 Ensure bootloader password is set (Scored) ............................................................ 93 1.5.3 Ensure authentication required for single user mode (Scored) ........................ 96 1.5.4 Ensure interactive boot is not enabled (Not Scored) ............................................. 97 1.6 Additional Process Hardening ..................................................................................................... 98 1.6.1 Ensure XD/NX support is enabled (Scored) .............................................................. 99 3 | P a g e 1.6.2 Ensure address space layout randomization (ASLR) is enabled (Scored) .. 101 1.6.3 Ensure prelink is disabled (Scored) ............................................................................ 103 1.6.4 Ensure core dumps are restricted (Scored) ............................................................ 104 1.7 Mandatory Access Control ........................................................................................................... 106 1.7.1 Configure AppArmor ............................................................................................................. 107 1.7.1.1 Ensure AppArmor is installed (Scored) ................................................................. 107 1.7.1.2 Ensure AppArmor is enabled in the bootloader configuration (Scored).. 109 1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode (Scored) .............................................................................................................................................................. 111 1.7.1.4 Ensure all AppArmor Profiles are enforcing (Scored) ..................................... 113 1.8 Warning Banners............................................................................................................................. 115 1.8.1 Command Line Warning Banners .................................................................................... 116 1.8.1.1 Ensure message of the day is configured properly (Scored) ......................... 117 1.8.1.2 Ensure local login warning banner is configured properly (Scored) ......... 119 1.8.1.3 Ensure remote login warning banner is configured properly (Scored).... 121 1.8.1.4 Ensure permissions on /etc/motd are configured (Scored) ......................... 123 1.8.1.5 Ensure permissions on /etc/issue are configured (Scored) ......................... 124 1.8.1.6 Ensure permissions on /etc/issue.net are configured (Scored) .................. 125 1.8.2 Ensure GDM login banner is configured (Scored) ................................................. 126 1.9 Ensure updates, patches, and additional security software are installed (Not Scored) .............................................................................................................................................. 128 2 Services .......................................................................................................................................................
Load more

Recommended publications
  • Desktop Migration and Administration Guide
    Red Hat Enterprise Linux 7 Desktop Migration and Administration Guide GNOME 3 desktop migration planning, deployment, configuration, and administration in RHEL 7 Last Updated: 2021-05-05 Red Hat Enterprise Linux 7 Desktop Migration and Administration Guide GNOME 3 desktop migration planning, deployment, configuration, and administration in RHEL 7 Marie Doleželová Red Hat Customer Content Services [email protected] Petr Kovář Red Hat Customer Content Services [email protected] Jana Heves Red Hat Customer Content Services Legal Notice Copyright © 2018 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
    [Show full text]
  • Open Source Licensing Information for Cisco IP Phone 8800 Series
    Open Source Used In Cisco IP Phone 8800 Series 12.1(1) Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-163803748 Open Source Used In Cisco IP Phone 8800 Series 12.1(1) 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-163803748 Contents 1.1 bluez 4.101 :MxC-1.1C R4.0 1.1.1 Available under license 1.2 BOOST C++ Library 1.63.0 1.2.1 Available under license 1.3 busybox 1.21.0 1.3.1 Available under license 1.4 Busybox 1.23.1 1.4.1 Available under license 1.5 cjose 0.4.1 1.5.1 Available under license 1.6 cppformat 2.0.0 1.6.1 Available under license 1.7 curl 7.26.0 1.7.1 Available under license 1.8 dbus 1.4.1 :MxC-1.1C R4.0 1.8.1 Available under license 1.9 DirectFB library and utilities 1.4.5 1.9.1 Available under license 1.10 dnsmasq 2.46 1.10.1 Available under license 1.11 flite 2.0.0 1.11.1 Available under license 1.12 glibc 2.13 1.12.1 Available under license 1.13 hostapd 2.0 :MxC-1.1C R4.0 1.13.1 Available under license Open Source Used
    [Show full text]
  • De-Anonymizing Live Cds Through Physical Memory Analysis
    De-Anonymizing Live CDs through Physical Memory Analysis Andrew Case [email protected] Digital Forensics Solutions Abstract Traditional digital forensics encompasses the examination of data from an offline or “dead” source such as a disk image. Since the filesystem is intact on these images, a number of forensics techniques are available for analysis such as file and metadata examination, timelining, deleted file recovery, indexing, and searching. Live CDs present a serious problem for this investigative model, however, since the OS and applications execute in a RAM-only environment and do not save data on non-volatile storage devices such as the local disk. In order to solve this problem, we present a number of techniques that support complete recovery of a live CD’s in-memory filesystem and partial recovery of its deleted contents. We also present memory analysis of the popular Tor application, since it is used by a number of live CDs in an attempt to keep network communications encrypted and anonymous. 1 Introduction Traditional digital forensics encompasses the examination of data from an offline or “dead” source such as a disk image. Under normal circumstances, evidence is obtained by first creating an exact, bit-for-bit copy of the target disk, followed by hashing of both the target disk and the new copy. If these hashes match then it is known that an exact copy has been made, and the hash is recorded to later prove that evidence was not modified during the investigation. Besides satisfying legal requirements, obtaining a bit-for-bit copy of data provides investigators with a wealth of information to examine and makes available a number of forensics techniques.
    [Show full text]
  • 1. D-Bus a D-Bus FAQ Szerint D-Bus Egy Interprocessz-Kommunikációs Protokoll, És Annak Referenciamegvalósítása
    Az Udev / D-Bus rendszer - a modern asztali Linuxok alapja A D-Bus rendszer minden modern Linux disztribúcióban jelen van, sőt mára már a Linux, és más UNIX jellegű, sőt nem UNIX rendszerek (különösen a desktopon futó változatok) egyik legalapvetőbb technológiája, és az ismerete a rendszergazdák számára lehetővé tesz néhány rendkívül hasznos trükköt, az alkalmazásfejlesztőknek pedig egyszerűen KÖTELEZŐ ismerniük. Miért ilyen fontos a D-Bus? Mit csinál? D-Bus alapú technológiát teszik lehetővé többek között azt, hogy közönséges felhasználóként a kedvenc asztali környezetünkbe bejelentkezve olyan feladatokat hajtsunk végre, amiket a kernel csak a root felasználónak engedne meg. Felmountolunk egy USB meghajtót? NetworkManagerrel konfiguráljuk a WiFi-t, a 3G internetet vagy bármilyen más hálózati csatolót, és kapcsolódunk egy hálózathoz? Figyelmeztetést kapunk a rendszertől, hogy új szoftverfrissítések érkeztek, majd telepítjük ezeket? Hibernáljuk, felfüggesztjük a gépet? A legtöbb esetben ma már D-Bus alapú technológiát használunk ilyen esetben. A D-Bus lehetővé teszi, hogy egymástól függetlenül, jellemzően más UID alatt indított szoftverösszetevők szabványos és biztonságos módon igénybe vegyék egymás szolgáltatásait. Ha valaha lesz a Linuxhoz professzionális desktop tűzfal vagy vírusirtó megoldás, a dolgok jelenlegi állasa szerint annak is D- Bus technológiát kell használnia. A D-Bus technológia legfontosabb ihletője a KDE DCOP rendszere volt, és mára a D-Bus leváltotta a DCOP-ot, csakúgy, mint a Gnome Bonobo technológiáját. 1. D-Bus A D-Bus FAQ szerint D-Bus egy interprocessz-kommunikációs protokoll, és annak referenciamegvalósítása. Ezen referenciamegvalósítás egyik összetevője, a libdbus könyvtár a D- Bus szabványnak megfelelő kommunikáció megvalósítását segíti. Egy másik összetevő, a dbus- daemon a D-Bus üzenetek routolásáért, szórásáért felelős.
    [Show full text]
  • Hardware-Driven Evolution in Storage Software by Zev Weiss A
    Hardware-Driven Evolution in Storage Software by Zev Weiss A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Computer Sciences) at the UNIVERSITY OF WISCONSIN–MADISON 2018 Date of final oral examination: June 8, 2018 ii The dissertation is approved by the following members of the Final Oral Committee: Andrea C. Arpaci-Dusseau, Professor, Computer Sciences Remzi H. Arpaci-Dusseau, Professor, Computer Sciences Michael M. Swift, Professor, Computer Sciences Karthikeyan Sankaralingam, Professor, Computer Sciences Johannes Wallmann, Associate Professor, Mead Witter School of Music i © Copyright by Zev Weiss 2018 All Rights Reserved ii To my parents, for their endless support, and my cousin Charlie, one of the kindest people I’ve ever known. iii Acknowledgments I have taken what might be politely called a “scenic route” of sorts through grad school. While Ph.D. students more focused on a rapid graduation turnaround time might find this regrettable, I am glad to have done so, in part because it has afforded me the opportunities to meet and work with so many excellent people along the way. I owe debts of gratitude to a large cast of characters: To my advisors, Andrea and Remzi Arpaci-Dusseau. It is one of the most common pieces of wisdom imparted on incoming grad students that one’s relationship with one’s advisor (or advisors) is perhaps the single most important factor in whether these years of your life will be pleasant or unpleasant, and I feel exceptionally fortunate to have ended up iv with the advisors that I’ve had.
    [Show full text]
  • Elinos Product Overview
    SYSGO Product Overview ELinOS 7 Industrial Grade Linux ELinOS is a SYSGO Linux distribution to help developers save time and effort by focusing on their application. Our Industrial Grade Linux with user-friendly IDE goes along with the best selection of software packages to meet our cog linux Qt LOCK customers needs, and with the comfort of world-class technical support. ELinOS now includes Docker support Feature LTS Qt Open SSH Configurator Kernel embedded Open VPN in order to isolate applications running on the same system. laptop Q Bug Shield-Virus Docker Eclipse-based QEMU-based Application Integrated Docker IDE HW Emulators Debugging Firewall Support ELINOS FEATURES MANAGING EMBEDDED LINUX VERSATILITY • Industrial Grade Creating an Embedded Linux based system is like solving a puzzle and putting • Eclipse-based IDE for embedded the right pieces together. This requires a deep knowledge of Linux’s versatility Systems (CODEO) and takes time for the selection of components, development of Board Support • Multiple Linux kernel versions Packages and drivers, and testing of the whole system – not only for newcomers. incl. Kernel 4.19 LTS with real-time enhancements With ELinOS, SYSGO offers an ‘out-of-the-box’ experience which allows to focus • Quick and easy target on the development of competitive applications itself. ELinOS incorporates the system configuration appropriate tools, such as a feature configurator to help you build the system and • Hardware Emulation (QEMU) boost your project success, including a graphical configuration front-end with a • Extensive file system support built-in integrity validation. • Application debugging • Target analysis APPLICATION & CONFIGURATION ENVIRONMENT • Runs out-of-the-box on PikeOS • Validated and tested for In addition to standard tools, remote debugging, target system monitoring and PowerPC, x86, ARM timing behaviour analyses are essential for application development.
    [Show full text]
  • Unionfs: User- and Community-Oriented Development of a Unification File System
    Unionfs: User- and Community-Oriented Development of a Unification File System David Quigley, Josef Sipek, Charles P. Wright, and Erez Zadok Stony Brook University {dquigley,jsipek,cwright,ezk}@cs.sunysb.edu Abstract If a file exists in multiple branches, the user sees only the copy in the higher-priority branch. Unionfs allows some branches to be read-only, Unionfs is a stackable file system that virtually but as long as the highest-priority branch is merges a set of directories (called branches) read-write, Unionfs uses copy-on-write seman- into a single logical view. Each branch is as- tics to provide an illusion that all branches are signed a priority and may be either read-only writable. This feature allows Live-CD develop- or read-write. When the highest priority branch ers to give their users a writable system based is writable, Unionfs provides copy-on-write se- on read-only media. mantics for read-only branches. These copy- on-write semantics have lead to widespread There are many uses for namespace unifica- use of Unionfs by LiveCD projects including tion. The two most common uses are Live- Knoppix and SLAX. In this paper we describe CDs and diskless/NFS-root clients. On Live- our experiences distributing and maintaining CDs, by definition, the data is stored on a read- an out-of-kernel module since November 2004. only medium. However, it is very convenient As of March 2006 Unionfs has been down- for users to be able to modify the data. Uni- loaded by over 6,700 unique users and is used fying the read-only CD with a writable RAM by over two dozen other projects.
    [Show full text]
  • CIS Ubuntu Linux 18.04 LTS Benchmark
    CIS Ubuntu Linux 18.04 LTS Benchmark v1.0.0 - 08-13-2018 Terms of Use Please see the below link for our current terms of use: https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/ 1 | P a g e Table of Contents Terms of Use ........................................................................................................................................................... 1 Overview ............................................................................................................................................................... 12 Intended Audience ........................................................................................................................................ 12 Consensus Guidance ..................................................................................................................................... 13 Typographical Conventions ...................................................................................................................... 14 Scoring Information ..................................................................................................................................... 14 Profile Definitions ......................................................................................................................................... 15 Acknowledgements ...................................................................................................................................... 17 Recommendations ............................................................................................................................................
    [Show full text]
  • A Brief History of GNOME
    A Brief History of GNOME Jonathan Blandford <[email protected]> July 29, 2017 MANCHESTER, UK 2 A Brief History of GNOME 2 Setting the Stage 1984 - 1997 A Brief History of GNOME 3 Setting the stage ● 1984 — X Windows created at MIT ● ● 1985 — GNU Manifesto Early graphics system for ● 1991 — GNU General Public License v2.0 Unix systems ● 1991 — Initial Linux release ● Created by MIT ● 1991 — Era of big projects ● Focused on mechanism, ● 1993 — Distributions appear not policy ● 1995 — Windows 95 released ● Holy Moly! X11 is almost ● 1995 — The GIMP released 35 years old ● 1996 — KDE Announced A Brief History of GNOME 4 twm circa 1995 ● Network Transparency ● Window Managers ● Netscape Navigator ● Toolkits (aw, motif) ● Simple apps ● Virtual Desktops / Workspaces A Brief History of GNOME 5 Setting the stage ● 1984 — X Windows created at MIT ● 1985 — GNU Manifesto ● Founded by Richard Stallman ● ● 1991 — GNU General Public License v2.0 Our fundamental Freedoms: ○ Freedom to run ● 1991 — Initial Linux release ○ Freedom to study ● 1991 — Era of big projects ○ Freedom to redistribute ○ Freedom to modify and ● 1993 — Distributions appear improve ● 1995 — Windows 95 released ● Also, a set of compilers, ● 1995 — The GIMP released userspace tools, editors, etc. ● 1996 — KDE Announced This was an overtly political movement and act A Brief History of GNOME 6 Setting the stage ● 1984 — X Windows created at MIT “The licenses for most software are ● 1985 — GNU Manifesto designed to take away your freedom to ● 1991 — GNU General Public License share and change it. By contrast, the v2.0 GNU General Public License is intended to guarantee your freedom to share and ● 1991 — Initial Linux release change free software--to make sure the ● 1991 — Era of big projects software is free for all its users.
    [Show full text]
  • Scibian 9 HPC Installation Guide
    Scibian 9 HPC Installation guide CCN-HPC Version 1.9, 2018-08-20 Table of Contents About this document . 1 Purpose . 2 Structure . 3 Typographic conventions . 4 Build dependencies . 5 License . 6 Authors . 7 Reference architecture. 8 1. Hardware architecture . 9 1.1. Networks . 9 1.2. Infrastructure cluster. 10 1.3. User-space cluster . 12 1.4. Storage system . 12 2. External services . 13 2.1. Base services. 13 2.2. Optional services . 14 3. Software architecture . 15 3.1. Overview . 15 3.2. Base Services . 16 3.3. Additional Services. 19 3.4. High-Availability . 20 4. Conventions . 23 5. Advanced Topics . 24 5.1. Boot sequence . 24 5.2. iPXE Bootmenu Generator. 28 5.3. Debian Installer Preseed Generator. 30 5.4. Frontend nodes: SSH load-balancing and high-availability . 31 5.5. Service nodes: DNS load-balancing and high-availability . 34 5.6. Consul and DNS integration. 35 5.7. Scibian diskless initrd . 37 Installation procedure. 39 6. Overview. 40 7. Requirements . 41 8. Temporary installation node . 44 8.1. Base installation . 44 8.2. Administration environment . 44 9. Internal configuration repository . 46 9.1. Base directories . 46 9.2. Organization settings . 46 9.3. Cluster directories . 48 9.4. Puppet configuration . 48 9.5. Cluster definition. 49 9.6. Service role . 55 9.7. Authentication and encryption keys . 56 10. Generic service nodes . 62 10.1. Temporary installation services . 62 10.2. First Run. 62 10.3. Second Run . 64 10.4. Base system installation. 64 10.5. Ceph deployment . 66 10.6. Consul deployment.
    [Show full text]
  • Key-Based Self-Driven Compression in Columnar Binary JSON
    Otto von Guericke University of Magdeburg Department of Computer Science Master's Thesis Key-Based Self-Driven Compression in Columnar Binary JSON Author: Oskar Kirmis November 4, 2019 Advisors: Prof. Dr. rer. nat. habil. Gunter Saake M. Sc. Marcus Pinnecke Institute for Technical and Business Information Systems / Database Research Group Kirmis, Oskar: Key-Based Self-Driven Compression in Columnar Binary JSON Master's Thesis, Otto von Guericke University of Magdeburg, 2019 Abstract A large part of the data that is available today in organizations or publicly is provided in semi-structured form. To perform analytical tasks on these { mostly read-only { semi-structured datasets, Carbon archives were developed as a column-oriented storage format. Its main focus is to allow cache-efficient access to fields across records. As many semi-structured datasets mainly consist of string data and the denormalization introduces redundancy, a lot of storage space is required. However, in Carbon archives { besides a deduplication of strings { there is currently no compression implemented. The goal of this thesis is to discuss, implement and evaluate suitable compression tech- niques to reduce the amount of storage required and to speed up analytical queries on Carbon archives. Therefore, a compressor is implemented that can be configured to apply a combination of up to three different compression algorithms to the string data of Carbon archives. This compressor can be applied with a different configuration per column (per JSON object key). To find suitable combinations of compression algo- rithms for each column, one manual and two self-driven approaches are implemented and evaluated. On a set of ten publicly available semi-structured datasets of different kinds and sizes, the string data can be compressed down to about 53% on average, reducing the whole datasets' size by 20%.
    [Show full text]
  • Ted Ts'o on Linux File Systems
    Ted Ts’o on Linux File Systems An Interview RIK FARROW Rik Farrow is the Editor of ;login:. ran into Ted Ts’o during a tutorial luncheon at LISA ’12, and that later [email protected] sparked an email discussion. I started by asking Ted questions that had I puzzled me about the early history of ext2 having to do with the perfor- mance of ext2 compared to the BSD Fast File System (FFS). I had met Rob Kolstad, then president of BSDi, because of my interest in the AT&T lawsuit against the University of California and BSDi. BSDi was being sued for, among other things, Theodore Ts’o is the first having a phone number that could be spelled 800-ITS-UNIX. I thought that it was important North American Linux for the future of open source operating systems that AT&T lose that lawsuit. Kernel Developer, having That said, when I compared the performance of early versions of Linux to the current version started working with Linux of BSDi, I found that they were closely matched, with one glaring exception. Unpacking tar in September 1991. He also archives using Linux (likely .9) was blazingly fast compared to BSDi. I asked Rob, and he served as the tech lead for the MIT Kerberos explained that the issue had to do with synchronous writes, finally clearing up a mystery for me. V5 development team, and was the architect at IBM in charge of bringing real-time Linux Now I had a chance to ask Ted about the story from the Linux side, as well as other questions in support of real-time Java to the US Navy.
    [Show full text]