From firewall-wizards  Wed Oct 13 08:24:52 2004
From: Karl Vogel <karl.vogel () seagha ! com>
Date: Wed, 13 Oct 2004 08:24:52 +0000
To: firewall-wizards
Subject: RE: [fw-wiz] VM system for firewall use
Message-Id: <6DED3619289CD311BCEB00508B8E133601A68DE8 () nt-server2 ! antwerp ! seagha ! com>
X-MARC-Message: https://marc.info/?l=firewall-wizards&m=109776852213384

> Gentoo-Hardened contains both SELinux and RSBAC, and I know 
> they have a
> way to do an "audit but don't block" sort of thing for RSBAC that was
> good for profiling a user or application.  Their 
> documentation is pretty
> good (though I think the TrustedBSD docs are too,) though 
> it's still a lot
> of reading and wading and guessing and trying.

FWIW.. Fedora Core 3 (The community version from RedHat) will have
SELinux active when doing a default install. It comes with 2
policies: strict and targeted. The targeted policy is more relaxed
(it only targets daemons, afaik).

The SELinux stuff can run in permissive mode, where it will log all
violations against the policy but will allow the action to go through,
which should help in tuning the policy.

Either way.. defining SELinux policies is still a tricky business.

It will be interesting to see what will come from this larger exposure.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards