Linked by Eugenia Loli-Queru on Sun 11th May 2008 23:48 UTC
Linux has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.
Permalink for comment 313859
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2006-01-09
Redhat mainly uses SELinux for confining system daemons. They have done a pretty good job of making the default configuration work out of the box. One big problem area are services like Apache where users need to label files and there aren't good simple docs on how to do this. The other problem is with third-party software, like VMware, that doesn't know about SELinux.
There has been some work done on confining Firefox. My guess is that it will be an option for people who want the extra security and are willing to put up with limitations on downloading files and loading plugins.