Language Selection

English French German Italian Portuguese Spanish

Demystifying Security Enhanced Linux

Filed under

In this paper I will try to explain the philosophy behind the Security Enhanced Linux (SE Linux). I will however try to explain the concept with an example but to keep the length readable I will restrain myself to go into much of implementation details for e.g. commands and similar stuff.

This flavor of linux has strong Mandatory Access control Built into the kernel where by the process and objects such as files are classified based on the confidentiality and integrity requirement, hence the affect of a security breach is reduced to minimal.

It is to be noted that this doesnot mean that SE Linux was designed to correct flaws which are present in the Linux rather it's an attempt to use MAC (in contrast to DAC used by traditional Linux Systems) to make a system which will mitigate the affects of security policy breaches to a minimum, by the help of policies which specify the security requirements of a system.

Full Article.

More in Tux Machines

Data indicates that Android picked up global market share from iOS last month

Tracking mobile web traffic, NetMarketShare computes the market share for mobile operating systems. Based on the data from last month, Android was able to widen its gap over iOS globally. Considering that the Apple iPhone 6s and Apple iPhone 6s Plus weren't launched until September 25th, the recently released phones accounted for a miniscule part of the data. The new models won't have a major effect on the results until the figures for this month are released. Read more

RapidDisk / RapidCache 3.4 now available.

RapidDisk is an advanced Linux RAM Disk which consists of a collection of modules and an administration tool. Features include: Dynamically allocate RAM as block device. Use them as stand alone disk drives or even map them as caching nodes to slower local disk drives. I pushed 3.4 into the mainline earlier this morning. Changes include:
  • Added ability to autoload RapidDisk volumes during module insertion.
  • Fixed bug in RapidDisk (volatile) volume size definition across 32 to 64 bit types.
  • Making use of BIT() macro in the driver.
  • Removed RapidDisk-NV support. It was redundant with the recently kernel integrated pmem code.
You can pull it from the git, yum, ZYpp & apt repos or download it from the SourceForge project page. To stay updated, you can follow the RapidDisk Google+ page.