Linux Today: Linux News On Internet Time.

Tips for Taming SELinux

Nov 29, 2007, 07:00 (0 Talkback[s])
(Other stories by Carla Schroder)

"There is a lot of (mostly uninformed) buzz around SELinux (Security Enhanced Linux); it is touted as doing all kinds of wonderful things that it probably doesn't do. It's not a good idea to leap into implementing a complex security application like SELinux without understanding what it's for and how it works, so we're going to start with the basics. Then we'll look at how to use it, and actually understand what we're doing.

"SELinux began as a research project by the NSA (National Security Administration). The old model of reacting only to known threats has a glaring, obvious weakness: You're going to get beat up a lot. The idea behind SELinux is to protect a system from the unknown, and to close the door on zero-day exploits..."

Complete Story

Related Stories: