Linked by Thom Holwerda on Wed 19th Mar 2008 22:58 UTC, submitted by diegocg
It's official: SELinux is now available in the Ubuntu development ('Hardy Heron') distribution. "This is the result of the amazing work of the ubuntu-security and ubuntu-hardened teams, as well as the huge contributions from the folks at Tresys (SELinux will not be the default, but is available as a security option)." In other news, Sun has started offering Ubuntu as an option.
Thread beginning with comment 305813
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: Debian already has this?
by Flatland_Spider on Thu 20th Mar 2008 13:37
in reply to "RE[3]: Debian already has this?"
Member since:2006-09-01
RE[5]: Debian already has this?
by sbergman27 on Thu 20th Mar 2008 13:54
in reply to "RE[4]: Debian already has this?"
Member since:2005-07-24
Yes. I'd forgotten about that. If the current kernel has not been compiled to honor that parameter, the user has to recompile the kernel to avoid the SELinux tax. I don't believe that Redhat and Fedora go quite *that* far out of their way to make it hard to turn off. Typically, they won't actively fight users. But don't expect them to lift a finger to help users do anything of which they do not approve.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-07-24
The "difficult" bit (perhaps "tricky" might have been a better term) is knowing that you can't just disable it and have it really be out of the way. "Disabling" SELinux during the install, or afterward, merely causes it not to load a policy. I imagine that most people who think they have it disabled really don't, not realizing that you have to manually edit grub.conf to add the right string after every kernel upgrade to avoid the "SELinux tax" on performance.
Edited 2008-03-20 12:16 UTC