Home | Projects | Articles | Apophthegm | About |
Linux Kernel Runtime Guard (LKRG) Install Script
DISCONTINUED - Deprecated
Linux Kernel Runtime Guard (LKRG) is developed by Openwall team. LKRG can prevent and/or detect the Linux kernelspace exploit. However, the userspace exploit cannot be detected or prevented, such as DirtyC0W exploit even it uses the kernel for the exploit.
Be keep in mind that LKRG may be/can be bypassed like other programs.
These scripts can install/uninstall LKRG on Ubuntu Linux (or debain based) with ease. It uses DKMS that it will be recompiled automatically when new Linux kernel is installed.
These scripts are released under GPLv3 License by Samiux and it is free of charge.
The current scripts are for LKRG version 0.9.1.
Download LKRG
sudo apt install git
git clone https://github.com/samiux/lkrg
cd lkrg
Install LKRG
sudo chmod +x lkrg-0.9.1-install
sudo ./lkrg-0.9.1-install
Uninstall LKRG
sudo chmod +x lkrg-0.9.1-uninstall
sudo ./lkrg-0.9.1-uninstall
Stop LKRG
sudo systemctl stop lkrg
Start or Restart LKRG
sudo systemctl start lkrg
sudo systemctl restart lkrg
Status of LKRG
sudo sysctl -a | grep lkrg
dmesg | grep lkrg
Known Issues
- If Virtualbox is installed after the installation of LKRG, it is required to uninstall and reinstall LKRG; otherwises, Virtualbox will not working properly.
Reference
- LKRG - Linux Kernel Runtime Guard – Openwall (Developer)
- LKRG - Linux Kernel Runtime Guard – GitHub
- Linux Kernel Runtime Guard – LinuxReviews
- Linux Kernel Runtime Guard 0.9.1 Is Released – LinuxReviews
- CONFidence 2018: Linux Kernel Runtime Guard (LKRG) under the hood (Adam “pi3” Zabrocki)
Home | Projects | Articles | Apophthegm | About |