LinuxWorld.com: Understanding & installing SELinux

"SELinux, also known as Security Enhanced Linux, is a National Security Agency sponsored Linux project to develop a more secure Linux. SELinux is a set of Linux kernel patches and utilities designed around a usable but mandatory access control system.

Using SELinux will require a recompile of either a stock Linux 2.4.12 (at the time of this writing) kernel, with patches, or the downloading of the SELinux kernel distribution from the SELinux Web site (see resources below). The SELinux kernel distribution is available in several download forms. I chose the 34-megabyte package that includes Linux 2.4.12 already patched for SELinux, and the associated software utilities needed to operate SELinux. Our installation box is a stock Red Hat 6.2 machine with all relevant updates.

I am not going to go into the re-compilation of the kernel. If you are attempting to run SELinux, I'm sure that you have already recompiled your kernel ad nauseum. However, I will say that it is important to view the README files within the selinux directory that is created after unpacking the source package. Once you have read these files, recompiling the Linux kernel for the provided features is a snap."

Complete Story

Related Stories:

• LinuxPlanet: .comment: The Distribution We Need(Oct 27, 2001)
• National Security Agency: Third Public Release SELinux(Oct 17, 2001)
• LinuxSecurity.com: New release of the LSM-based SELinux prototype (Sep 28, 2001)
• UnderLinux: Interview Elias Levy (BugTraq's Aleph1)(Sep 13, 2001)
• Crispin Cowan: Linux Security Module Interface(Apr 12, 2001)
• NSA Grants $1.2 Million Contract to Continue Work on Its Security Enhanced Linux(Apr 09, 2001)
• Security-enhanced Linux available at NSA site(Dec 22, 2000)
• Slashdot: NSA Releases High Security Version Of Linux (Dec 22, 2000)