Linked by Eugenia Loli-Queru on Sun 11th May 2008 23:48 UTC
Linux has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.
Permalink for comment 313823
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-12-16
I haven't seen it enabled on too many servers. Redhat and Fedora enables SElinux by default (what quickly gets turned off by the admins), pbly the problem not just that the average admins don't have enough experience in RBAC/DAC but applying it in production environment is hard (qaing a mirror of the system then applying it on the main server, and still can something go wrong) to accomplish especially if you want to install new packages on the servers from time to time, not just configuring a box for dns server, then using the basic selinux configuration and leave it that way.
I think moving forward to virtualization is much more popular. I even doubt the nsa use selinux on their own servers.