With increasing popularity of Linux on Internet , more and more security holes are found in the current GNU/Linux system. You may hear from the Internet that --ooh, There are bugs found in Linux, which will cause the system to be easily compromised by hacker.
Since the Linux is an art of open source community, security holes can be found easily and can also be patched quickly. But when the hole is disclose to the public, and the administrator is too lazy to patch the hole. It is very easy to break into the current system and it is worse that the hacker can get the root shell. With the current GNU/linux system, he can do whatever he want. Now, you may ask, what is the problem and what can we do?
Another important method is to protect some important process is to make it unkillable by anybody, include root. LIDS can protect the process whose parent is init (pid = 1).
email@example.com). We just allow the system insert the modules into the system while the system boot up, then we seal the kernel, after sealing, the kernel do not allow anyone to insert modules into the kernel. Using the seal concept, we can use it to protect the important files, process --- we just change the necessary files or run the necessary process while the system is booting up, and after sealing the kernel, we can not make any change on the files again.