LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Top 10 SELinux Stories of 2007 Print E-mail
User Rating:      How can I rate this item?
Source: www.Linuxsecurity.com - Posted by Ryan Berens   
SELinux 2007 was an interesting year for SELinux. Many issues were important and gained exposure, but what did you, the reader have to say about the most important articles in SELinux? There are many ways to judge this and one of them is by listing the most popular articles as chosen by our readers over the course of the year, based on hits. It isn't the only answer, but certainly an interesting one.

Click through to see the list of the Top SELinux stories on Linuxsecurity.com for 2007. Also: For a COMPLETE list of all the SELinux articles that have ever appeared on LinuxSecurity.com, go here Easy to follow and organized by year, it's one of many, many resources avaialable at EnGardelinux.org with regards to SELinux.

  • #1: Don't Disable SELinux! (2007-06-25) - 3150 hits
    http://www.linuxsecurity.com/content/view/128596

    Josh Brindle commented on one of the most pressing issues with SELinux - that many companies decide to tell customers to disable it altogether instead of working through a different solution for a particular program. This was probably the most popular article of the year because SELinux still represents a strong learning curve and is still in a process of acceptance. When someone stakes a claim to not do what is likely common practice, chances are good people will want to know what they are saying.

    Bottom line: SELinux still has an aura of difficulty that convinces people to use the strategy of disabling the entire system. When Josh Brindle, an expert on the topic says "don't do this," people want to see if SELinux has evolved in a way that would replace this quick, easy and damaging strategy. Interestingly, the issue probably centers on the usability, not security effects, in disabling it.

    In other words, people are asking one main question above all others: Is the cost/benefit relationship of implementing SELinux changed? In this writers opinion, this has always been the biggest issue regarding SELinux, was the biggest issue for 2007, and will likely remain the critical issue in the year ahead.

  • #2: SELinux Constrains Samba Vulnerability (2007-06-01)- 3020 hits
    http://www.linuxsecurity.com/content/view/128413

    Samba is one of the most popular projects in open source. When there's a vulnerability that threatens it, and a solution exists that can contain the problem, people will be interested - 'Nuff said.

  • #3: SELinux Gets a Wiki (2007-05-18) - 2961 hits
    http://www.linuxsecurity.com/content/view/128245

    This addresses the usability issue. A Wiki can be an incredibly useful tool for learning about a program or application. If such a resource is created for SELinux especially on the popular Fedora distribution and the learning curve is still high, this should be no surprise.

  • #4: Secure Networking With SELinux (2007-05-31) - 2919 hits
    http://www.linuxsecurity.com/content/view/128403

    Another post coming from Josh Brindle. Again, he is one of the most visible experts on SELinux, and does a great job of addressing the most important issues in SELinux. Here, he addressed the recent improvements that came from the community and the differences between support in the early days and at the time of the article.

  • #5: Linus Torvalds on SELinux (2007-10-03) - 2757 hits
    http://www.linuxsecurity.com/content/view/129807

    Occassionally, the Linux Kernel Mailing list can get heated. In this instance, a discussion had started regarding whether or not LSM should remain the as the only security standard for the Kernel. As is sometimes the case, Linus Torvalds commented in a way that brought the comment some awareness. Whether or not Linus' reaction was taken out of context, the LSM issue is still an interesting one and harbors back on what strategy should drive Kernel security development. Are changes suggested because they are valuable? Or are they suggested because somebody wants to see something change? This friction (as can often be the case in any project) made it popular enough to make #5.

  • #6: Managing SELinux with SETools (2007-10-30) - 2374 hits
    http://www.linuxsecurity.com/content/view/130383 A great article by James Turnbull, another seasoned developer in the world of SELinux. This overview covered SETtools; specifically, apol which Analyzes SELinux policies, sediff which performs diffs on SELinux policy, seaudit, which analyzes audit messages and sechecker which checks SELinux policy. A worthwhile HowTo on these tools that most people found useful, and therefore popular.

  • #7: Kernel Space: A Simplified Security Framework for Linux (2007-10-10) - 2149 hits
    http://www.linuxsecurity.com/content/view/129966

    This was yet another article covering LSM and SELinux and which should take precedence. Is SMACK (Simplified Mandatory Access Control Kernel) good enough to replace whats there? The issue was that, according to many, the current security module would relegate security as an afterthought because it would require so much work to be integrated. The net result, it was argued, was that the liklihood of being avoided would increase, and security wouldn't be as effective. A great article summing up many of the most pertinent issues.

  • #8: Is SELinux Really too Complex? (2007-09-28) - 2105 hits
    http://www.linuxsecurity.com/content/view/129763

    Apparently, the Kernel issue was one of the more pressing issues. This article again covers the LSM, SELinux issue, with another interesting and compelling take on the importance of security within the kernel and where SELinux exists as a result.

  • #9: A Step-by-Step Guide to Building a New SELinux Policy Module (2007-08-23)- 2085 hits
    http://www.linuxsecurity.com/content/view/129044

    If you want help with making a new module, this article covers it. Obviously, based on its place on this list, this is one of the better HowTo's for doing just that. Easy to follow and informative, no wonder it comes in as #9 for the most popular SELinux article for 2007.

  • #10: Samba/SELinux Policy (2007-11-14)- 2049 hits
    http://www.linuxsecurity.com/content/view/130930

    Rounding out our most popular SELinux articles of 2007 is the 2nd showing by SAMBA and SELinux. A great HowTo by none other Dan Walsh, SELinux expert over at Red Hat, its proof that SAMBA security is at the forefront of many users minds. What's that mean? That SELinux is probably going to be involved.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
FreeBSD Patches DoS Vulnerability
Rogue cell towers discovered in Washington, D.C.
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.