Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
Owl homepage
Other languages
Russian
Concepts
Architectures
Build environment
Installation instructions
Upgrade instructions
Download (HTTP, FTP, rsync, anoncvs)
CVSweb
Change logs
Changes in current
Changes in 3.1-stable
Changes up to 3.1
Changes in 3.0-stable
Changes up to 3.0
Changes in 2.0-stable
Changes up to 2.0
Changes in 1.1-stable
Changes up to 1.1
Changes up to 1.0
Changes in 0.1-stable
Artwork
Screenshots
Presentation slides
Wiki
OpenVZ virtualization
Packages
Owl VPS hosting
Owl in the news
These are some screenshots of Owl-current live CDs for x86-64 and i686 as of 2012/08/18. Owl 3.1-stable (released later) looks similar. The screenshots show how very conservative Owl is, which is an advantage for some of our prospective users, but a drawback for some others.

CD boot menu:
CD boot menu

CD just booted up:
CD just booted up

The installer program (settle):
The installer program (settle)

The system configuration program (setup):
The system configuration program (setup)

The password policy (configurable) is enforced even for the initial root password:
The password policy (configurable) is enforced even for the initial root password

There are no SUID (set-user-ID) programs on Owl; there are only some SGIDs (set-group-ID):
There are no SUID programs on Owl; there are only some SGIDs

SGID programs, if the concept is used right, are a lower risk than SUID. In fact, many of these programs could be unprivileged, but having them SGID introduces a layer of security separation and deals with some minor and subtle attacks (such as a user bypassing password policy for their own account or mounting a local Denial-of-Service attack).

Starting the OpenVZ service and the first OpenVZ container:
Starting the OpenVZ service and the first OpenVZ container

Listing the running OpenVZ containers and entering a container from the host:
Listing the running OpenVZ containers and entering a container from the host

Adjusting the limits on an OpenVZ container does not require its restart:
Adjusting the limits on an OpenVZ container

Networking from an OpenVZ container works just fine:
Networking from an OpenVZ container

Stopping and destroying an OpenVZ container:
Stopping and destroying an OpenVZ container

See also: Openwall GNU/*/Linux presentation slides and screenshots of passwdqc (our password/passphrase strength checking and policy enforcement toolset).

Quick Comment:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ

51222