Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Want to know how to make Linux really secure? Security Enhanced Linux (SE Linux), a system of security policies developed by the NSA, let you secure Linux at every level from the kernel up. Find out how EnGarde Secure Linux and others build and maintain a truly secure server environment.

Tips for Taming SELinux  27 November 2007 
Source: - Posted by Ryan Berens   
Wanted to learn a few more tips on SELinux and get a feel for what it does? Carla Schroeder chimes in again regarding SELinux as a whole and its policies:

An SELinux policy has no concept of an all-powerful superuser, but only what is allowed and what is not allowed. It takes away the destructive potential of root. A successful intrusion will be confined to the process that it compromises, and will not be able to escalate beyond it. Sounds a bit like a chroot jail, doesn't it?
Developer Interview: Dan Walsh from SELinux  21 November 2007 
Source: Dan Walsh's Blog - Posted by Ryan Berens   
Fedora takes a some time and interviews Dan Walsh, one of the project leads on SELinux development. They ask him a couple questions about SELinux, open source and what he's been doing at Red Hat:

We all appreciate that when we turn on our Linux systems they're pretty secure. Thanks to continuing improvements to SELinux, it is increasingly easy for users to take advantage of this powerful security tool. Read on to find an interview with Daniel Walsh, the principal developer of SELinux in Fedora from Red Hat, where he tells us more about what SELinux does and how it's improved in Fedora 8. Also included are some screenshots which show-off the new policy creation GUI.
SEEdit 2.2.0 Released  19 November 2007 
Source: SELinuxNews - Posted by Bill Keys   
Yuichi Nakamura has announced the release of version 2.2.0 of SELinux Policy Editor (SEEdit). This release includes support for Fedora 8 and embedded systems. The performance of the simplified policy compiler has been improved, and it also now supports cross compilation of policy. Do you like using these types of SELinux editing tools? The purpose of theses tools is to help make administrating a system with SELinux enabled easier. Do you feel they help?
Samba/SELinux Policy  14 November 2007 
Source: Dan Walsh's Blog - Posted by Ryan Berens   
One of our featured blogs, Dan Walsh provides a HOWTO on creating an SELinux policy. In this blog I will actually walk through the Samba SELinux policy. As you know Policy is made up of three files, File Context (FC) Type Enforcement (TE) and an Interface file (IF) This is an extremely thorough and detailed overview.
Is SELinux leveling multi-level security?  09 November 2007 
Source: - Posted by Ryan Berens   
Just how much is security, especially in high-demand Government sectors, going to be driven and how is SELinux going to play a part?

This is a very interesting analysis on how SELinux has the opportunity to be so effective at locking down a system, it could devalue the current break up of security solutions. Interest in multi-level security in the intelligence and Defense agencies seems to be high right now, because it would allow analysts to access networks of multiple security levels with one machine. Now (so we hear) analysts may have two or three PCs in their office, one for each security level. The case he makes is that SELinux has the potential to negate these different levels and systems. Could SELinux have that kind of effect or are high-demand users still going to expect multiple systems?
Managing SELinux with SETools  30 October 2007 
Source: Search Enterprise Linux - Posted by Ryan Berens   
Configuring high-end SELinux (Security-enhanced Linux) policies can be a daunting challenge to system administrators, especially those who are new to the concepts and processes. But there are a number of useful tools available that will help you write, analyze and report on your policy. In this tip we'll look at one of these tools: SETools, a free open source product from Tresys Technology. This takes you through the capabilities of SETools, installing on your system and testing it out. With some emphasis on graphical tools and varied capabilities, this is a very useful resource.
SELinux sparks tussle over Linux security model  19 October 2007 
Posted by Ryan Berens   
This issue has been bantered around for almost a month now, and it seems that when they are addressing the future of the security in the Kernel, many different issues are still developing. As he states in the article: Last night, another developer, Thomas Fricaccia, urged that "a free and open operating system should preserve as much freedom for the end-user as possible. ... 'Freedom' includes the power to do bad things to yourself by, for example, making poor choices in security frameworks. This possible and permitted end result shouldn't be the concern of kernel developers." So how far can this discussion go? Is too much emphasis being placed on the kernel instead of the applications? Will this continue to be discussed this feverishly?
Kernel Space: A Simplified Security Framework for Linux  10 October 2007 
Source: Network World - Posted by Eckie Silapaswang   
Read the latest news on SMACK (Simplified Mandatory Access Control Kernel) and get some more insight into the current security debate concerning the beloved Linux kernel. Let us know your thoughts on SELinux's role (no pun intended) with the kernel as well as any thoughts in SMACK. How does it live up to its intent for "simplicity of administration"?

Linus Torvalds on SELinux  03 October 2007 
Source: Kernel Trap - Posted by Ryan Berens   
Continuing his outspoken nature, Torvalds reigns in on the issues between LSM and SELinux. The argument as to which method should be the foundation, is being hotly debated. "You security guys are insane..." Torvalds states. What's he judging? the value of SELinux as the framework (maybe it's good, maybe it's not) or something else?

Why are security experts the focus? It seems here, that Torvalds is focusing on the source, not the content or issue itself.

Aren't we past that?
Simplified Mandatory Access Control Kernel  01 October 2007 
Source: Kernel Trap - Posted by Eckie Silapaswang   
Smack is the Simplified Mandatory Access Control Kernel," Casey Schaufler said posting the third version of his patchest. He explained, "Smack implements mandatory access control (MAC) using labels attached to tasks and data containers, including files, SVIPC, and other tasks. Smack is a kernel based scheme that requires an absolute minimum of application support and a very small amount of configuration data."

It's always nice to have security at the kernel level - how does SMACK stack up to other security implementations? Have you been able to configure something similar with a good set of SELinux rules?

<< Start < Prev 4 5 6 Next > End >>

Results 41 - 50 of 88


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
MongoDB Patches Remote Denial-of-Service Vulnerability
DDoS Attack Against GitHub Continues After More Than Four Days
5 keys to hiring security talent
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.