Upcoming Conference Talks on SELinux Applications: sVirt and Kiosk Mode
Source: James-Morris.Livejournal.com - Posted by Burhan Syed   
SELinux Recently, I've been busy getting the initial cut of sVirt out, and am currently processing community feedback before issuing an update. The basic idea behind sVirt is to apply MAC label security (SELinux, Smack etc.) to Linux-based virtualization schemes such as KVM, allowing the existing OS-level security mechanisms to be re-used for process-based VMs. This is an application one of the core advantages of Linux-based virtualization, where generally, all of the Linux process management infrastructure within the kernel and wider OS may be applied to domains which run inside Linux processes. Would you agree that we don't need to modify the kernel security mechanism for MAC label security? Read on for more information.

Read this full article at James-Morris.Livejournal.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!