LSE - Linux Security Engine
LSE is an open source security project for GNU/Linux (Kernel 2.6 series).
It employs a "white list" approach to allow/disallow program execution on your computer.
It's an easy way to prevent user running applications which can be malicious [virus, backdoor, rootkit, ...] or simply unwanted.
By example, if your machine is running a vulnerable software, nobody will be able to use an exploit against this application because the exploit will not be allowed to be executed.
There is not not need to modify your kernel configuration (no need to recompile).
Feel free to comment ... or come to participate!