|
Want to know how to make Linux really secure? Security Enhanced Linux (SE Linux), a system of security policies developed by the NSA, let you secure Linux at every level from the kernel up. Find out how EnGarde Secure Linux and others build and maintain a truly secure server environment.
|
|
|
Source: livejournal.com - Posted by Bill Keys
|
|
One thing that I have been a little lax about reporting is when SELinux has mitigated a vulnerability. This past week, two Samba vulnerabilities were fixed in an Red Hat Network Update. These fixes were available at the same time as public disclosure of the issues, There are no currently known public exploits of Samba available. This errata fixed two bugzillas #239774 and #239429. I would like to point out that even with these vulnerabilities being able to leverage a heap overflow to run arbitrary code on a recent RHEL is hard.
|
|
|
Source: SecurityBlog::Brindle - Posted by Bill Keys
|
|
During the last year quite a bit of effort has gone into improving SELinux’ networking support, thanks to the great SELinux community. While this support is still evolving it will be very beneficial for people to try it out and give feedback so the final result is useful to more users and meets the security needs of a wider audience. As the network support in SELinux continues to evolve (there are already other ideas being discussed for possible inclusion) I’ll try to keep this post updated so that people who find it will have the latest information available.
|
|
|
Source: GCN - Posted by Bill Keys
|
|
The developers of one of the most secure operating systems available will use one of the most open collaboration platforms to continue work. The development community for SELinux will can start to use a newly created wiki site for collaboration and discussion, announced James Morris on the SELinux mailing list last week.
|
|
|
Source: Search Open Source - Posted by Efren J. Belizario
|
|
Administrators often criticize Security Enhanced Linux (SELinux) policies for being too complex, and they have a point. Mandatory access control-based administration is tedious and easy to misconfigure. It can be tough to handle the extended security attributes across a range of users, processes and files or directories that encompass more than one server. Novell addresses this problem in its enterprise-class server offerings with the AppArmor suite of policy management applications, but nothing comparable exists yet for systems management in Red Hat enterprise servers (or CentOS derivatives). |
|
|
The good thing about SELinux (Security-Enhanced Linux) is that it can really help you lock down a Linux system. The bad thing about SELinux is that it can be a real pain to put all those locks and chains in place in the first place.
|
|
|
Source: www.ibm.com - Posted by Paul VonBurg
|
|
SELinux is a mandatory access control (MAC) system available in Linux kernels as of version 2.6. Of the Linux Security Modules available, it is the most comprehensive and well tested, and is founded on 20 years of MAC research. SELinux combines a type-enforcement server with either multi-level security or an optional multi-category policy, and a notion of role-based access control. See the Resources section later in this article for links to more information about these topics.
Most people who have used SELinux have done so by using an SELinux-ready distribution such as Fedora, Red Hat Enterprise Linux (RHEL), Debian, or hardened Gentoo. These enable SELinux in the kernel, offer a customizable security policy, and patch a great number of user-land libraries and utilities to make them SELinux aware.
(Editorial comment: EnGarde Secure Linux is an SELinux-ready distibution)
|
|
|
Source: Government Computer News - Posted by Eric Lubow
|
|
The release of a new open-source security package has sparked debate over how many Mandatory Access Control applications Linux really needs, and if more than one would just dilute volunteer efforts. Novell Inc. of Provo, Utah, recently released the source code for its recently acquired Linux security application, AppArmor. It also set up a project site in hopes of attracting outside developers to further refine the program.
|
|
|
Source: Government Computer News - Posted by Eric Lubow
|
|
Novell Inc. of Provo, Utah, has released the source code for its recently acquired open-source Linux security application, AppArmor, and has also set up a project site in hopes of attracting outside developers to further refine the program. The release of the software has sparked debate in the open-source community, however. |
|
|
Source: IT Observer - Posted by Benjamin D. Thomas
|
|
In this paper I will try to explain the philosophy behind the Security Enhanced Linux (SE Linux). I will however try to explain the concept with an example but to keep the length readable I will restrain myself to go into much of implementation details for e.g. commands and similar stuff. |
|
|
Posted by Pax Dickinson
|
|
Hi, and welcome to the final entry in my series of articles on SELinux. My last three articles have provided an
overview and history of SELinux, discussed
how SELinux makes access decisions, and explained
how to administer an SELinux system. Today we'll build on the
SELinux knowledge we've gained and learn how to perform basic
customization of our system's security policy.
|
|
|
<< Start < Prev 7 8 9 Next > End >>
|
| Results 61 - 70 of 88 |
