About This Document

The QNX System Security Guide is intended for both system integrators who are responsible for the security of a QNX Neutrino RTOS system and developers who want to create a QNX Neutrino resource manager free from vulnerabilities.

This guide is organized around these main topics:
Topic Chapter(s)
Security problems and attacks and the QNX Neutrino security features that can mitigate them Security Matrix
Brief descriptions of the features that protect the system and individual processes from attack Security Features Overview
More detailed descriptions of security features that are primarily of interest to developers of resource managers and other QNX Neutrino projects Security Features for Developers
More detailed descriptions of features that are primarily of interest to those who are responsible for implementing and enforcing security policies that create and maintain a trusted execution environment Security Features for System Integrators
Using security policies that control privileges centrally instead of in the processes themselves Security Policies
Using fortified versions of various system functions that check their arguments for conditions such as potential overflow of a destination buffer Fortified System Functions
The flexible cryptography framework that allows customers to choose which cryptography provider responds to requests on a per-process basis QNX Cryptography Library
A driver that interacts with the legacy /dev/crypto system device The devcrypto service
Restrict the code executed by a privileged process Pathtrust
Pluggable Authentication Module for authentication-related system functions PAM