SELinux Demonstration!
Source: Russell Coker - Posted by David Isecke   
SELinux The aim of this is to demonstrate that all necessary security can be provided by SE Linux without any Unix permissions (however it is still recommended that you use Unix permissions as well for real servers). Also it gives you a chance to login to a SE machine and see what it's like. . . . The aim of this is to demonstrate that all necessary security can be provided by SE Linux without any Unix permissions (however it is still recommended that you use Unix permissions as well for real servers). Also it gives you a chance to login to a SE machine and see what it's like.

When you login to a SE Linux play machine make sure that you use the -x option to disable X11 forwarding or set ForwardX11 no in your /etc/ssh/ssh_config file before you login. Also make sure that you use the -a option to disable ssh agent forwarding or set ForwardAgent no in your /etc/ssh/ssh_config file before you login.
If you don't correctly disable these settings then logging in to the play machine will put you at risk of being attacked through your SSH client.

There is an IRC channel for discussing this, it is #selinux on irc.freenode.net.

Fedora

To access my Fedora play machine ssh to cable.coker.com.au port 222 as root, the password is "fedora".

Debian

To access my Debian play machine ssh to cose.coker.com.au as root, the password is "1q2w3e".

Read this full article at Russell Coker

Only registered users can write comments.
Please login or register.

Powered by AkoComment!