In the age of internet-connected devices and the Internet of Things, security in embedded devices is an important consideration in the design of an embedded system.
In this recipe, we will discuss two of the frameworks most frequently used to enhance the security of the root filesystem and show how to integrate them into your Yocto Project-based product.
Linux implements file-level security. Each file has a set of access attributes for user, group and others, and they can be assigned read, write, or execute permissions, as well as some special modes.
Filesystem access is hence based on the system users and groups. When you list files with the ls -l
command, you see the file attributes with the following format:
-rwxr-xr-x
The first letter is the file type, followed by triads of user, group, and other permissions. The file can be read, written, and executed by the user that owns it, but only read and executed by a user in the same group or by a different...