Security Architecture

Security is at the core of everything LinuxGuard does. Our agent is designed with a zero-trust, least-privilege security model to ensure that the monitoring solution itself never becomes a security risk to your infrastructure.

Security-First Design Principles

LinuxGuard follows industry best practices for secure agent deployment:

  • No Root Privileges: The agent never runs with root privileges

  • Dedicated User Account: Operates under its own isolated user account

  • Least Privilege Access: Read-only access to system components, with write access only to agent-specific files

  • Minimal Attack Surface: Limited permissions reduce the potential impact of any security incident

  • Audit Integration: Seamlessly integrates with Linux audit systems for comprehensive monitoring

Installation Security Model

During installation, the LinuxGuard agent sets up a secure, isolated environment that follows the principle of least privilege.

Dedicated User Account

The installer creates a dedicated linuxguard user and group specifically for running the agent. This user account:

  • Has no login shell (cannot be used for interactive access)

  • Is a system account (not intended for human users)

  • Operates with minimal system privileges

  • Is isolated from other system processes and users

Directory Structure and Permissions

The installer creates a secure directory structure with appropriate ownership and permissions:

Agent-Owned Directories (read-write access):

  • /etc/linuxguard/ - Agent configuration files

  • /var/lib/linuxguard/ - Agent state and data files

  • /var/run/linuxguard/ - Runtime files and process information

  • /var/log/linuxguard/ - Agent log files

All agent-owned directories are:

  • Owned by the linuxguard user and group

  • Protected with restrictive permissions (750 or 755)

  • Isolated from other system components

System Component Access (read-only access):

  • The agent requires read-only access to certain system components for monitoring purposes

  • This includes system logs, configuration files, and audit data

  • Read access is granted only where necessary for security monitoring functionality

  • The agent cannot modify any system files or configurations

Audit System Integration

LinuxGuard integrates with the Linux audit system (auditd) to provide comprehensive security monitoring. The installer:

  • Installs audit rules that define what events to monitor

  • Creates a dedicated audit group (linuxguard-audit) for accessing audit logs

  • Configures the audit daemon to allow the agent to read audit logs securely

  • Ensures audit logs are accessible without requiring root privileges

This integration allows LinuxGuard to monitor system calls, file access, network activity, and other security-relevant events without running with elevated privileges.

Service Management

The agent runs as a system service under the linuxguard user account. The installer:

  • Registers the agent as a system service (systemd or OpenRC, depending on your distribution)

  • Configures the service to start automatically on system boot

  • Ensures the service runs with the correct user permissions

  • Provides standard service management capabilities (start, stop, restart, status)

Runtime Security

Once installed and running, the LinuxGuard agent:

  • Runs as non-root: All agent processes execute under the linuxguard user account

  • Read-only monitoring: Monitors system activity with read-only access to system components

  • Isolated data: Stores all agent data in dedicated directories with restricted access

  • Secure communication: All communication with the LinuxGuard console uses encrypted HTTPS connections

  • No system modifications: The agent never modifies system files, configurations, or other components outside its own directories

Security Benefits

This security model provides several key benefits:

  1. Reduced Attack Surface: By running without root privileges, the agent cannot be used to escalate privileges or compromise the system

  2. Compliance: The least-privilege model helps meet security compliance requirements

  3. Isolation: Agent processes and data are isolated from other system components

  4. Transparency: Clear separation between agent operations and system operations

  5. Auditability: The agent's own operations can be monitored and audited like any other system process

Verification

You can verify the security configuration after installation:

# Check the agent user exists
id linuxguard

# Verify agent processes run as non-root ([l] keeps grep from matching itself)
ps aux | grep '[l]inuxguard-agent'

# Check directory permissions
ls -la /etc/linuxguard
ls -la /var/lib/linuxguard
ls -la /var/log/linuxguard

All agent processes should show the linuxguard user, and all agent directories should be owned by linuxguard:linuxguard with restrictive permissions (750 or 755).
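The same checks as a script that returns pass/fail, added here as an example and not part of LinuxGuard's own tooling. The function names are hypothetical; it assumes GNU stat and procps ps, and checks the no-login-shell, non-root, ownership and 750/755 properties documented on this page.

```shell
#!/bin/sh
# Added example: checks the account, directory and process properties
# described on this page. Inputs are passed in so each check is testable.

# $1 = passwd(5) line, e.g. from: getent passwd linuxguard
check_account() {
    uid=$(printf '%s\n' "$1" | cut -d: -f3)
    shell=$(printf '%s\n' "$1" | cut -d: -f7)
    [ -n "$uid" ] || { echo "FAIL: no linuxguard account"; return 1; }
    [ "$uid" -ne 0 ] || { echo "FAIL: account has UID 0"; return 1; }
    case "$shell" in
        */nologin|*/false) echo "OK: uid=$uid shell=$shell" ;;
        *) echo "FAIL: login shell '$shell'"; return 1 ;;
    esac
}

# $1 = path, $2 = "owner:group mode" as printed by: stat -c '%U:%G %a' PATH
check_dir() {
    owner=${2%% *}; mode=${2##* }
    [ "$owner" = "linuxguard:linuxguard" ] ||
        { echo "FAIL: $1 owner '$owner'"; return 1; }
    case "$mode" in
        750|755) echo "OK: $1 $owner $mode" ;;
        *) echo "FAIL: $1 mode '$mode' (documented: 750 or 755)"; return 1 ;;
    esac
}

# $1 = expected UID; stdin = "UID COMMAND" lines of agent processes.
# Numeric UIDs are compared because ps can abbreviate long user names.
check_procs() {
    awk -v want="$1" '{ n++ } $1 != want { bad = bad " " $1 }
        END { if (n == 0) { print "FAIL: no agent process found"; exit 1 }
              if (bad != "") { print "FAIL: agent running as UID" bad; exit 1 }
              print "OK: " n " agent process(es) as UID " want }'
}

# Runs every check against the live host; returns non-zero on any failure.
audit_host() {
    rc=0
    check_account "$(getent passwd linuxguard)" || rc=1
    for d in /etc/linuxguard /var/lib/linuxguard /var/run/linuxguard /var/log/linuxguard; do
        check_dir "$d" "$(stat -c '%U:%G %a' "$d" 2>/dev/null)" || rc=1
    done
    ps -eo uid=,args= | grep '[l]inuxguard-agent' |
        check_procs "$(id -u linuxguard 2>/dev/null)" || rc=1
    return "$rc"
}

if [ "${1:-}" = "--live" ]; then audit_host; fi
```

Run it with --live on a host where the agent is installed; the exit status is non-zero if any check fails, which makes it usable from a scheduled job or configuration-management run.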

Best Practices

When deploying LinuxGuard in your environment:

  • Review permissions: Periodically review the agent's file permissions to ensure they remain restrictive

  • Monitor agent activity: Use your existing security monitoring to track agent behavior

  • Keep updated: Regularly update the agent to receive security patches and improvements

  • Network security: Ensure network policies allow the agent to communicate with api.linuxguard.io over HTTPS

  • Audit logs: Review agent logs regularly to ensure normal operation


Related: Installation | Troubleshooting
