Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Want to know how to make Linux really secure? Security Enhanced Linux (SE Linux), a system of security policies developed by the NSA, let you secure Linux at every level from the kernel up. Find out how EnGarde Secure Linux and others build and maintain a truly secure server environment.

Stop disabling SELinux!  19 April 2013 
Source: SC MagazIne - Posted by Dave Wreski   
The push to cloud transforms the way we apply information security principles to systems and applications.
Why SELinux is more work, but well worth the trouble  26 December 2012 
Source: IT World - Posted by Dave Wreski   
Many of us got used to the simple owner, group, and other model of Unix security so long ago that we were somewhat taken back when the setfacl and getfacl commands were introduced and added complexity to file permissions. All of a sudden, users and groups could be assigned access privileges separately from these three groupings and we had to pay attention to + signs at the ends of our permissions matrices that reminded us that additional access permissions were in effect.
NSA Extends Label-based Security to Big Data Stores  08 September 2011 
Source: PC World - Posted by Anthony Pell   
The National Security Agency has submitted new label-based data store software, called Accumulo, to the Apache Software Foundation, in hopes that other parties will further develop the technology for use in secure systems.
NSA Best Practices Recommend Windows Over Linux For Security  04 May 2011 
Source: IT Pro Portal - Posted by Dave Wreski   
A best practices document released by the US National Security Agency has advised users against using open source operating system platforms like Linux.
Read Signal Magazine's Interview with IA Director Schaeffer  22 October 2009 
Source: NSA - Posted by Anthony Pell   
The October edition of Signal Magazine features an extensive interview with IA Director Dick Schaeffer on the Nation’s broad and vigilant efforts to “maintain the edge in information assurance.” In the interview, Mr. Schaeffer discusses the information assurance challenges presented by the widespread reliance on commercial technologies, by information sharing across diverse communities of interest, and by the need for cryptographic interoperability in a secure environment, a need addressed by the Suite B strategy.
Walsh: Cool things with SELinux... Introducing sandbox -X  17 September 2009 
Source: LWN - Posted by Anthony Pell   
Red Hat SELinux hacker Dan Walsh has a weblog posting about a new feature added to his SELinux sandbox. sandbox -X essentially combines the sandbox with the idea behind the "xguest" user to create a sandbox for arbitrary desktop applications. It came out of a request to be able to sandbox "acroread": "Acroread and most other desktop applications use multiple communication channels, interacting not just with stdin and stdout, but accessing configuration files, directly or using interprocess calls as with GConf, the X server and other applications, and usually have full run of the user's home directory.
Secure Virtualization Using SELinux (sVirt)  25 August 2009 
Source: Dan Walsh - Posted by Anthony Pell   
While virtualization seems to be next big thing, providing great opportunities in resource allocation, system management, savings on power and cooling, and the ability to grow and shrink resources depending on demand. But what about the security?

What happens when a cracker breaks into a virtual machine and takes it over? What happens if there is a bug in the hypervisor?

The Cost of SELinux, Audit, & Kernel Debugging  14 August 2009 
Source: Phoronix - Posted by Anthony Pell   
When benchmarking development releases of Fedora in particular, they often end up being much slower than the final build and perform lower when compared against some of the other leading desktop distributions. As we have mentioned in previous articles, this is generally due to the debugging support enabled within the development builds of Fedora. To see just what the performance cost is, we have compared the Fedora 11 performance of the normal kernel against the kernel-debug package. Additionally, we also compared the performance when disabling SELinux and system auditing support.
Introducing SELinux Sandbox, Confines Untrusted Binaries  26 May 2009 
Source: OS News - Posted by Dave Wreski   
Here's an OS News link to a LKML discussion with Eric Paris. Looks intersting.Eric Paris, a SELinux developer, has announced today a new SELinux feature: "Dan and I (mostly Dan) have started to play with using SELinux to confine random untrusted binaries. The program is called 'sandbox.' The idea is to allow administrators to lock down tightly untrusted applications in a sandbox where they can not use the network and open/create any file that is not handed to the process. Can be used to protect a system while allowing it to run some untrusted binary."
Security Changes In The 2.6.28 Kernel  06 January 2009 
Source: - Posted by Bill Keys   
Version 2.6.28 of the Linux kernel was released during Christmas, so I thought it'd be worthwhile waiting until after typical vacation days to post a summary of changes to the security subsystem. As always, thanks to the Kernel Newbies folk who track major kernel changes. Serge Hallyn added a dummy policy for SELinux to the kernel tree. This is useful for testing SELinux and a base for building minimal and experimental security policies. Have you noticed some of the security changes to the latest upstream Linux kernel? Read on for more information on these changes.
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 88


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.