在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称(OpenSource Name):mesalock-linux/mesalock-distro开源软件地址(OpenSource Url):https://github.com/mesalock-linux/mesalock-distro开源编程语言(OpenSource Language):Shell 92.2%开源软件介绍(OpenSource Introduction):MesaLock Linux: A Memory-Safe Linux DistributionMesaLock Linux is a general purpose Linux distribution which aims to provide a safe and secure user space environment. To eliminate high-severe vulnerabilities caused by memory corruption, the whole user space applications are rewritten in memory-safe programming languages like Rust and Go. This extremely reduces attack surfaces of an operating system exposed in the wild, leaving the remaining attack surfaces auditable and restricted. Therefore, MesaLock Linux can substantially improve the security of the Linux ecosystem. Additionally, thanks to the Linux kernel, MesaLock Linux supports a broad hardware environment, making it deployable in many places. Two main usage scenarios of MesaLock Linux are for containers and security-sensitive embedded devices. With the growth of the ecosystem, MesaLock Linux would also be adopted in the server environment in the future. To get better functionality along with strong security guarantees, MesaLock Linux follows the following rules-of-thumb for hybrid memory-safe architecture design proposed by the Rust SGX SDK project.
Quick StartYou can quickly experience MesaLock Linux in the container environment using Docker. $ docker run -it mesalocklinux/mesalock-linux BuildingCurrently, MesaLock Linux is provided in two versions: live ISO and rootfs. The live ISO image can be used to create a bootable live USB, or boot in a virtual machine. The rootfs (i.e., root file system) can be used as a minimal root image for a container. RequirementsClone MesaLock repositoryClone $ mkdir mesalock-linux && cd mesalock-linux
$ git clone https://github.com/mesalock-linux/mesalock-distro.git
$ git clone https://github.com/mesalock-linux/packages.git
$ cd mesalock-distro Build in DockerWe provide a $ docker build --rm -t mesalocklinux/build-mesalock-linux -f Dockerfile.build .
$ docker run -v $(dirname $(pwd)):/mesalock-linux -w /mesalock-linux/mesalock-distro \
-it mesalocklinux/build-mesalock-linux /bin/bash The image of build environment is also provided from Docker
Hub. You can
pull and run the container with the repo name Build on UbuntuYou can also build on Ubuntu machine. Please install these build dependencies first: # install packages
$ apt-get update && \
apt-get install -q -y --no-install-recommends \
curl \
git \
build-essential \
cmake \
wget \
bc \
gawk \
parallel \
pigz \
cpio \
xorriso \
fakeroot \
syslinux-utils \
uuid-dev \
libmpc-dev \
libisl-dev \
libz-dev \
python-pip \
python-setuptools \
software-properties-common
# install build dependencies for pypy
$ apt-get install -q -y --no-install-recommends \
pypy \
gcc \
make \
libffi-dev \
pkg-config \
zlib1g-dev \
libbz2-dev \
libsqlite3-dev \
libncurses5-dev \
libexpat1-dev \
libssl-dev \
libgdbm-dev \
tk-dev \
libgc-dev \
python-cffi \
liblzma-dev \
libncursesw5-dev
# install wheel and sphinx
$ pip install wheel
$ pip install sphinx
# install Go
$ add-apt-repository -y ppa:gophers/archive && \
apt-get update && \
apt-get install -q -y --no-install-recommends \
golang-1.9-go
# install Rust
$ curl https://sh.rustup.rs -sSf | sh -s -- -y
$ rustup install nightly-2018-05-30 # we need this because some packages still depend on nightly
$ rustup default 1.27.2
# setup PATH
$ export PATH="$HOME/.cargo/bin:/usr/lib/go-1.9/bin:$PATH" Build packages, live ISO, and rootfsAfter installing build dependencies, you can run following commands to build packages, live ISO, and rootfs.
The live ISO ( TryingMesaLock Linux can be run in real devices (e.g., boot from a Live USB), virtual machines, and docker containers. Virtual machineYou can try MesaLock Linux with Live ISO or in a docker container. Here are steps to try MesaLock Linux in VirtualBox.
Docker containerWe provide a simple
The latest rootfs image with all packages is pushed to Docker
Hub. You can also
directly run the image with the repo name DemosHosting web serversThe
You can also try our demos in the docker image directly.
Working on machine learning tasksRusty-machine is a general
purpose machine learning library implemented entirely in Rust. We put several
demo examples of machine learning tasks in the PackagesMesaLock Linux provides many packages with memory safety in mind. All user space applications are written in Rust and Go. Thanks to the open source community, they have created many useful and high-quality tools. The number of packages will increase as the time goes on.
ContributingMesaLock Linux is a very young and at an early stage. Some important components are still missing or work-in-progress. Building safe and secure Linux distro relies on the whole community, and you are very welcome to contribute to the MesaLock Linux project. You can get involved in various forms:
You are welcome to send pull requests and report issues on GitHub. Note that the MesaLock Linux project follows the Git flow development model. CommunityIf you are interested in the MesaLock Linux project, please find us on the
List of our IRC channels:
Maintainer
Steering Committee
LicenseMesaLock Linux is provided under the BSD license. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论