Difference between revisions of "SELinux"

From CBLFS
Jump to navigationJump to search
m
 
Line 10: Line 10:
  
 
*[[libsepol]] {{libsepol-Version}}
 
*[[libsepol]] {{libsepol-Version}}
*[[checkpolicy]] {{checkpolicy-Version}}
 
 
*[[libselinux]] {{libselinux-Version}}
 
*[[libselinux]] {{libselinux-Version}}
 
*[[libsemanage]] {{libsemanage-Version}}
 
*[[libsemanage]] {{libsemanage-Version}}
 +
*[[checkpolicy]] {{checkpolicy-Version}}
 
*[[policycoreutils]] {{policycoreutils-Version}}
 
*[[policycoreutils]] {{policycoreutils-Version}}
*[[selinux-doc]] {{selinux-doc-Version}}
+
*[[refpolicy]] {{refpolicy-Version}}
 
----
 
----
  

Latest revision as of 00:44, 5 March 2009

Caution.png

Note

Currently this page under construction and not proposed for using it.

Introduction to SELinux

SELinux was initially a project to port the work developing a mandatory access control architecture done by the National Security Agency (NSA) and the Secure Computing Corporation (SCC) on the Mach and Fluke OS's to Linux.

SELinux differs from regular Linux security in that in addition to the traditional UNIX user id and group id, it also attaches a SELinux user, role and type to each file and process.

For more information please read the NSA SELinux website and a paper on why mandatory access controls are a good and likely a necessary thing.

Project Homepage: http://www.nsa.gov/selinux/

Sections of SELinux