[prev in list] [next in list] [prev in thread] [next in thread] 

List:       novalug
Subject:    Re: [novalug] Fedora problems
From:       Chris Gordon <chris () linux-dr ! net>
Date:       2004-03-31 16:51:33
Message-ID: 20040331165133.GA18491 () goblin ! theory14 ! net
[Download RAW message or body]

On Wed, Mar 31, 2004 at 10:36:39AM -0500, Dave Aronson wrote:
> On Tue March 30 2004 19:26, Chuck Moss wrote:
> 
>  > BTW, SELinux is included.
> 
> What do you mean by "included"?  I thought SELinux was a whole 'nother 
> distro.

SELinux is not another distro, but a set of kernel patches and various
utilities that implement MAC.  From the SELinux site
(http://www.nsa.gov/selinux/):

# What is Security-enhanced Linux?

Security-enhanced Linux is a research prototype of the Linux® kernel and
a number of utilities with enhanced security functionality designed
simply to demonstrate the value of mandatory access controls to the
Linux community and how such controls could be added to Linux. The
Security-enhanced Linux kernel contains new architectural components
originally developed to improve the security of the Flask operating
system. These architectural components provide general support for the
enforcement of many kinds of mandatory access control policies,
including those based on the concepts of Type Enforcement®, Role-based
Access Control, and Multi-level Security.

> Do you mean its main capabilities, like enforceable Mandatory 
> Access Control?

Yes.

> I sure hope that if it includes that, it can be turned 
> off; I sure don't want to have to label all my data, progs, etc. with 
> security levels and categories!

From what I've read, you can choose to run with or without the SE stuff
being turned on with a kernel boot option.

Chris
_______________________________________________
novalug mailing list
novalug@tux.org
http://www.tux.org/mailman/listinfo/novalug
for subscribe/unsubscribe see web page
[prev in list] [next in list] [prev in thread] [next in thread]