Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] A Close Look as NSALinux

Cutting Through the SELinux Hype

,----[ Quote ]
| SELinux began as a research project by the NSA (National Security 
| Administration). The old model of reacting only to known threats has a 
| glaring, obvious weakness: You're going to get beat up a lot. The idea behind 
| SELinux is to protect a system from the unknown, and to close the door on 
| zero-day exploits.     
`----

http://www.serverwatch.com/tutorials/article.php/3722446

SELinux is good for *national* security, that's for sure.


Related:

Microsoft Sells Out to NSA... again!

,----[ Quote ]
| So before you go to the store and get that shiny new laptop, consider asking 
| the retailer to not put Windows on there because not doing so could end up 
| being a serious mistake.  
`----

http://binaryfreedom.info/node/282


Did NSA Put a Secret Backdoor in New Encryption Standard?

,----[ Quote ] 
| Which is why you should worry about a new random-number standard that 
| includes an algorithm that is slow, badly designed and just might contain a 
| backdoor for the National Security Agency.  
`----

http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115


Tresys Nails 'Hardened Security' With Brickwall & Upcoming Razor

,----[ Quote ]
| "But SELinux contains tens of thousands of rules, written in
| assembly language. We make implementation easier by turning that
| spaghetti code into reference code," he said.
`----

http://www.linuxplanet.com/linuxplanet/reports/6365/1/


SELinux

,----[ Quote ]
| We all appreciate that when we turn on our Linux systems they're pretty 
| secure. Thanks to continuing improvements to SELinux, it is increasingly easy 
| for users to take advantage of this powerful security tool. Read on to find 
| an interview with Daniel Walsh, the principal developer of SELinux in Fedora 
| from Red Hat, where he tells us more about what SELinux does and how it's 
| improved in Fedora 8. At the end of the article are some screenshots which 
| show-off the new policy creation GUI.      
`----

http://fedoraproject.org/wiki/Interviews/SELinux


Tip of the Trade: SELinux  

,----[ Quote ]
| You don't need to be a super-guru to set up a workable SELinux policy, just 
| an ordinary, diligent server administrator unafraid to read a bit of  
| documentation. 
`----

http://www.serverwatch.com/tutorials/article.php/3702626


Linux Application Hardening

,----[ Quote ]
| When we talk about Linux hardening, we typically mean runtime 
| application hardening to improve application reliability, leading to expected 
| and predictable execution despite undesirable operating conditions (such as 
| high memory or network overload).    
`----

http://opensource.sys-con.com/read/431838_p.htm


SELinux — is it really too complex?

,----[ Quote ]
| What I discovered is that part of SELinux’s current dilemma is more easily 
| fixable than the other, because it has nothing to do with technological chops 
| and everything to do with public perception. Jim Klein, the director of 
| information services and technology at the California-based Saugus Union 
| School District, put it best: “The biggest problem for SELinux is mindshare,”  
| Klein told me. “It developed a stigma early on due to the lack of tools for 
| configuration and troubleshooting, which led people to simply turn it off.” 
| Currently, Klein is one of the many IT guys who has the SELinux switch in 
| the “off” position.       
`----

http://enterpriselinuxlog.blogs.techtarget.com/2007/09/26/selinux-is-it-really-too-complex/


SELinux vs. OpenBSD's Default Security

,----[ Quote ]
| Darrin Chandler suggested, "security should not be grafted on, it should be 
| integrated into the main development process. I'm sure the patch maintainers 
| are doing their best, but this doesn't change the fundamental flaw in the 
| process. It's not a flaw of their making, it's inherent in the situation. But 
| it's still a flaw."    
`----

http://kerneltrap.org/OpenBSD/SELinux_vs_OpenBSDs_Default_Security


Is SE Linux only for Linux?

,----[ Quote ]
| Sun is also apparently considering adding type-enforcement to Solaris. It’s 
| yet to be seen whether this happens and if so whether it is compatible with 
| SE Linux.  
| 
| So it seems that a significant portion of the SE Linux code base is portable, 
| and in particular the user-space code should port well. The interfaces for 
| and methods labelling files etc should port well between platforms. Therefore 
| I recommend not having SE Linux code split into Linux specific trees and 
| instead having a compile option to enable SE Linux support.    
`----

http://etbe.coker.com.au/2007/08/31/is-se-linux-only-for-linux/


RSBAC 1.3 Series Released

,----[ Quote ]
| RSBAC, a European security solution similar to SELinux, has released
| the latest stable 1.3 series. 
`----

http://www.osnews.com/story.php/18036/RSBAC-1.3-Series-Released/


Five ways SELinux may surprise you

,----[ Quote ]
| What you may not realize is all the ways SELinux is being applied to
| a variety of security challenges. Just because SELinux was initially
| developed by the military does not mean it is only useful to
| complicated security problems and large-budget organizations -- SELinux
| is for you too. And despite what you might have heard, you don't need to
| be an expert to reap the benefits of SELinux's powerful protection 
| features.
`----

http://searchenterpriselinux.techtarget.com/columnItem/0,294698,sid39_gci1253747,00.html


What's new in SELinux for Red Hat Enterprise Linux 5?

,----[ Quote ]
| Lets take a look at SELinux, how it works, and what makes it effective.
| And why it should matter to you.
`----

http://www.redhatmagazine.com/2007/05/04/whats-new-in-selinux-for-red-hat-enterprise-linux-5/

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index