Language Selection

English French German Italian Portuguese Spanish

Demystifying Security Enhanced Linux

Filed under
Linux

In this paper I will try to explain the philosophy behind the Security Enhanced Linux (SE Linux). I will however try to explain the concept with an example but to keep the length readable I will restrain myself to go into much of implementation details for e.g. commands and similar stuff.

This flavor of linux has strong Mandatory Access control Built into the kernel where by the process and objects such as files are classified based on the confidentiality and integrity requirement, hence the affect of a security breach is reduced to minimal.

It is to be noted that this doesnot mean that SE Linux was designed to correct flaws which are present in the Linux rather it's an attempt to use MAC (in contrast to DAC used by traditional Linux Systems) to make a system which will mitigate the affects of security policy breaches to a minimum, by the help of policies which specify the security requirements of a system.

Full Article.

More in Tux Machines

Elementary OS’s Pantheon Desktop May Become Available On Fedora Systems, Starting With Fedora 22

The Fedora developers are thinking at porting Elementary OS’s Pantheon Desktop to Fedora. If this happens, Pantheon will be available via the default repositories of Fedora, starting with Fedora 22, which will be released next year. Read more

Docker in Production — What We’ve Learned Launching Over 300 Million Containers

Earlier this year, we made a decision to run every task on IronWorker inside its own Docker container. Since then, we've run over 300,000,000 programs inside of their own private Docker containers on cloud infrastructure. Now that we’ve been in production for several months, we wanted to take the opportunity to share with the community some of the challenges we faced in running a Docker-based infrastructure, how we overcame them, and why it was worth it. Read more

Review: Scientific Linux 7.0 GNOME

It has been a while since I have done a review (almost 3 months, in fact). It has been significantly longer since I have looked at Scientific Linux (over 3 years, in fact). Given that, I figured it might be worthwhile to make this review about Scientific Linux 7.0. I'm just glad that I did it before the time elapsed for something else to come up (around 3 minutes, in fact — OK, I just made that one up to match the other statements). Read more

Free software hacker on open source telemetry project for OpenStack

Julien Danjou is a free software hacker almost all of the time. At his day job, he hacks on OpenStack for eNovance. And, in his free time, he hacks on free software projects like Debian, Hy, and awesome. Julien has also written The Hacker's Guide to Python and given talks on OpenStack and the Ceilometer project, among other things. Prior to his talk at OpenStack Summit 2014 in Paris this year, we interviewed him about his current work and got some great insight into the work going on for the Ceilometer project, the open source telemetry project for OpenStack. Read more