Administrators often criticize Security Enhanced Linux (SELinux) policies for being too complex, and they have a point. Mandatory access control-based administration is tedious and easy to misconfigure. It can be tough to handle the extended security attributes across a range of users, processes and files or directories that encompass more than one server. Novell addresses this problem in its enterprise-class server offerings with the AppArmor suite of policy management applications, but nothing comparable exists yet for systems management in Red Hat enterprise servers (or CentOS derivatives).Although it's not included in the RHEL distribution, the SELinux Policy Editor (seedit), originally developed by Hitachi Software, fills that void. Seedit offers a suite of native front-end administration utilities. Even a seasoned SELinux system administrator will find seedit useful in daily use, especially in cases when a single policy oversees operations of multiple systems. Seedit provides a control panel with icons that correspond to status, management, policy generation, policy editing and policy application or re-labeling actions.
Read this full article at Search Open Source
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!