SELinux
Paul Howarth
paul at city-fan.org
Fri Jun 9 14:48:43 UTC 2006
Gregory P. Ennis wrote:
> On Fri, 2006-06-09 at 14:24 +0100, Paul Howarth wrote:
>
>
>> SELinus is far from being window-dressing; when configured properly it
>> is capable of restricting each process to the minimum capabilities that
>> that process needs to do its job, and most exploits require that
>> processes be circumvented to so something else, hence SELinux offers
>> protection against those exploits.
>>
>> Paul.
>>
>
> I really like the idea of SELinux, but have had to turn it to permissive
> mode until I can learn how to tweak it for my purposes. I just have not
> had the time to do this yet. Are their tutorials you would recommend.
> On one of my trips to Barnes and Knoble I looked for some published work
> on SELinux but could not find anything.
You'll struggle to find anything in print that's up to date. Probably
the best place to start is:
http://fedoraproject.org/wiki/SELinux
Paul.
More information about the fedora-list
mailing list