Announcing the third test release of Fedora Core 2
jludwig
wralphie at comcast.net
Wed Apr 28 17:39:02 UTC 2004
On Wed, 2004-04-28 at 10:20, Stephen Smalley wrote:
> On Wed, 2004-04-28 at 10:05, Jay Daniels wrote:
> > I will have to catch up on some reading. I thought SELinux was a
> > modified kernel published by the government!
>
> The kernel security framework and module for SELinux are in mainline
> Linux 2.6. So all 2.6-based Linux distros should at least have the
> SELinux kernel code.
>
> > Why would Fedora even include it or does it just include support for
> > SELinux?
>
> The plan to incorporate SELinux into Fedora Core 2, including the
> necessary userland and policy integration, was announced long ago. But
> you have the option to disable it, and it is disabled by default
> presently.
>
> > I do not think most users here would need SELinux.
>
> SELinux provides a flexible mechanism for enforcing security policies;
> you can configure it for your specific security needs.
> See the paper available from
> http://www.nsa.gov/selinux/papers/inevit-abs.cfm for a discussion of why
> such a mechanism is important.
>
> --
> Stephen Smalley <sds at epoch.ncsc.mil>
> National Security Agency
For those running web servers, or any server at all, SELinux will mean a
significantly increased site security.
Linux grew up around, and because, of the internet, SELinux will only
help it's growth in this arena.
Am I paranoid?? Yes, with all those crackers out there definitely!!
--
jludwig <wralphie at comcast.net>
More information about the fedora-list
mailing list