Difference between revisions of "SELinux"
From CBLFS
Jump to navigationJump to searchm |
|||
Line 10: | Line 10: | ||
*[[libsepol]] {{libsepol-Version}} | *[[libsepol]] {{libsepol-Version}} | ||
− | |||
*[[libselinux]] {{libselinux-Version}} | *[[libselinux]] {{libselinux-Version}} | ||
*[[libsemanage]] {{libsemanage-Version}} | *[[libsemanage]] {{libsemanage-Version}} | ||
+ | *[[checkpolicy]] {{checkpolicy-Version}} | ||
*[[policycoreutils]] {{policycoreutils-Version}} | *[[policycoreutils]] {{policycoreutils-Version}} | ||
− | *[[ | + | *[[refpolicy]] {{refpolicy-Version}} |
---- | ---- | ||
Latest revision as of 00:44, 5 March 2009
Introduction to SELinux
SELinux was initially a project to port the work developing a mandatory access control architecture done by the National Security Agency (NSA) and the Secure Computing Corporation (SCC) on the Mach and Fluke OS's to Linux.
SELinux differs from regular Linux security in that in addition to the traditional UNIX user id and group id, it also attaches a SELinux user, role and type to each file and process.
For more information please read the NSA SELinux website and a paper on why mandatory access controls are a good and likely a necessary thing.
Project Homepage: http://www.nsa.gov/selinux/
Sections of SELinux
- libsepol 2.0.32
- libselinux 2.0.71
- libsemanage 2.0.27
- checkpolicy 2.0.16
- policycoreutils 2.0.55
- refpolicy 2.20081210