After developing it internally for over 10 years, the National Cybersecurity Agency of France (ANSSI) has decided to open source CLIP OS, a Linux-based operating system developed “to meet the specific needs of the [French] administration,” and is asking outside coders to contribute to its development.
About CLIP OS
“The CLIP OS project is lead and maintained by developers from the ANSSI but most of the source code resulting in the final CLIP OS system image comes from popular open source projects (the Linux kernel, the GNU Compiler Collection, etc.),” the Agency shared. “The project is based on Gentoo Hardened and has many similarities with Chromium OS or the Yocto project.”
CLIP OS incorporates a number of security mechanisms. One of these is environment isolation (partitioning), so that users can simultaneously process both public and sensitive information within two totally isolated software environments (“cages”), in order to avoid the risk of sensitive information leaking onto the public network.
“The execution environment of each Cage is logically isolated from the Core and from the all other Cages. Interactions between a Cage and the Core is carefully controlled and goes through confined and unprivileged services. Direct communication between Cages is forbidden. All inter-Cage interaction is mediated by services running in the Core,” ANSSI noted.
Other security properties include multi-level support to handle information at multiple confidentiality levels and restricted administrator access in production, so that they are not able to compromise system integrity or access user data.
ANSSI released versions 4 and 5 of the OS. The former is intended to serve as a reference for facilitating future developments, the latter (an alpha version) is in development and open to contribution.
According to the announcement, CLIP OS can be deployed on security gateways, client workstations, and “allows access to sensitive information for mobile use.”
But there is no pre-packaged version of CLIP OS for end-users – they have to get the source code and build their own system image.