Mario Smarduch

This article is one of several intended to address Linux runtime application hardening. When we talk about Linux hardening, we typically mean runtime application hardening to improve application reliability, leading to expected and predictable execution despite undesirable operating conditions (such as high memory or network overload). Reliability is different from availability; a system may exhibit near-perfect availability (over five nines availability) but can still be unreliable. For example, a mobile user may experience dropped calls, or long delays while making a call or downloading content from the Web. Such incidents can occur under odd conditions and be sporadic due to poor hardening. For example, a process that is spending time in memory reclaim won't service its queue, which will lead to dropped requests. These sorts of incidents may not show up on availa... (more)