Get the LinuxSecurity news you want faster with RSS
Powered By
SELinux
Want to know how to make Linux really secure? Security Enhanced Linux (SE Linux), a system of security policies developed by the NSA, let you secure Linux at every level from the kernel up. Find out how EnGarde Secure Linux and others build and maintain a truly secure server environment.
SElinux is an impressively designed but notoriously hard-to-configure set of kernel hooks that enforce Orange Book-style security on Linux. Full support for SELinux takes effort, but when I first heard about Fedora's new targeted policies for SELinux, I was willing to tell the Red Hat folks "thanks, but no thanks." A conversation with their Dan Walsh changed my mind.
One of the much-talked-about features in Fedora Core 3 (FC3) is Security-Enhanced Linux, which some people believe will make Linux a truly military-grade secure operating system. But SELinux is available to secure many other distributions as well.
Source: LinuxJournal - Posted by Benjamin D. Thomas
If a must-have, must-know innovation exists for Linux's future viability, you might place all bets on Security Enhanced Linux. Vastly misunderstood and underrated, SELinux provides a marketing differentiator that could carry Linux deep into infrastructures that so far have shown lukewarm acceptance of the open-source operating system. SELinux transforms standard Linux from a cost-effective and secure operating system into a behemoth.
SELinux enforces mandatory access control policies, which limit user and application privileges to the minimum required to do the job. In contrast, most operating systems have DAC (discretionary access control) schemes in which a process has access to everything available to the user who launched it. . . .
Source: Blane Warrene - Posted by Benjamin D. Thomas
Operating system security is (or at least should be) of critical importance to us all. However, the varying levels of security required differ for each systems administrator. . . .
This is to announce the availablity of a new Fedora mailing list for SELinux-specific discussion. The list is for users and developers posting bug reports, avc messages, support questions & answers, patches etc. For subscription details, see :http://www.redhat.com/mailman/listinfo/fedora-selinux-list . . .
The aim of this is to demonstrate that all necessary security can be provided by SE Linux without any Unix permissions (however it is still recommended that you use Unix permissions as well for real servers). Also it gives you a chance to login to a SE machine and see what it's like. . . .
Security Enhanced Linux (SELinux) is an extension to the standard Linux kernel that has been designed to enforce strict access controls. SELinux lets you confine processes to the minimum amount of privilege they require. In this article, I will cover the ideas behind SELinux and show how to install, configure, and manage an SELinux system.. . .
Source: selinux@tycho.nsa.gov - Posted by Benjamin D. Thomas
Secure Computing has reviewed the concerns expressed by the open source community about SELinux and certain Secure Computing patents. We understand that considerable effort has been invested in SELinux, with the expectation that SELinux would be available for everyone's use. . . .
