
The Manux operating system

Manux is a free (libre) Linux-compatible operating system designed to withstand zero-day attacks in userspace. Its latest version is 0.0.5. It is distributed under the GPLv3, with an optional additional term.

Latest version:

ChangeLog

Installer (≈66 MiB, installable, not compilable)

Source code (≈765 KiB, compilable, not installable)

Full source code (≈300 MiB, compilable and installable, and includes the packages for the associated distribution, based on LFS 7.2; you will generally not need this archive)

Sources of this distribution's programs



Short description

Manux is an operating system for x86 computers. Currently very small and limited (text-mode only), it is designed with several goals in mind:

Withstanding zero-day attacks in userspace;

Providing reinforced security against kernelspace exploits;

Preventing incompatibilities between Manux-based systems;

Making the system natively binary-compatible with Linux.

To achieve this:

The userspace architecture is unlike any other, with all processes chrooted (yes, even /bin/true). Programs that can launch others require no access to their chroot to do so;

The kernel was written from scratch; I gave it a modular monospace architecture, which allows on-the-fly kernel patching, in a manner very different from its Linux equivalent. This architecture allows not only the update of the kernel, but also full introspection of its data, structures, and their manipulation at will;

Thanks to the userspace architecture, theoretically incompatible libraries and programs can cohabitate with no conflict. This implies that, if a package can install on one distribution, it should install on any;

Although it shares no code with the Linux kernel, its kernel uses the same syscall vector and convention; thus Linux binaries work on it without recompilation.

Finally, I wrote some guidelines for distributions, in order to allow some standardisation.

Installation

To install it, you'll need an x86-based computer (at least i486), with an IDE-compatible hard drive (like ATA/ATAPI/SATA, just no SCSI), and a free partition. Only PS/2 keyboards are handled, but as it happens, some (all?) USB keyboards are handled just fine - I guess the hardware makes the translation between both protocols.

In addition, UEFI-based systems are unfortunately not yet handled.

Tips:

Do not try putting it anywhere but on the first hard drive. I, uh, well, never wrote the code for handling more than one hard drive.

Always reboot electrically into it - don't simply reboot; power your computer down, then up again. That's because the mouse is not handled, and if you were to touch it, due to hardware technicalities, your keyboard would get stu

Features

The system is fully self-hosted, with Linux only required to reinstall it. It has all the tools required for its own development, like vim, gcc, bash, the coreutils, tar, etc.

Its filesystem is ext2l, a specific variant of ext2 that Linux can only mount read-only. Fortunately, it can also access vanilla ext2 (and ext3) in read-write mode.

Limitations

Uh, many. It's currently text-only, its IP stack isn't functional and will have to be partly rewritten, privilege-checking isn't implemented, it can't handle more than one hard drive...

Also, when compared to Linux, the speed difference is absolutely remarkable. Well, ok, not in its favor.

Documentation

Miscellaneous

Previous versions

Some funny Manux facts

Contact

About me



Legal mentions