SE Debian: how to make NSA SE Linux work in a distribution | Debian-News.net - Your one stop for news about Debian

Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.

SE Debian: how to make NSA SE Linux work in a distribution

Although I am writing about my work in developing SE Linux support for Debian, I am using generic terms as much as possible, as the same things need to be done for RPM based distributions.
Read it here

Quote:

SE Linux offers significant benefits for security. It accomplishes this by adding another layer of security in addition to the default Unix permissions model. This is accomplished by firstly assigning a type to every file, device, network socket, etc. Then every process has a domain, and the level of access permitted to a type is determined by the domain of the process that is attempting the access (in addition to the usual Unix permission checks). Domains may only be changed at process execution time. The domain may automatically be changed when a process is executed based on the type of the executable program file and the domain of the process that is executing it, or a privileged process may specify the new domain for the child process.

No Response to “SE Debian: how to make NSA SE Linux work in a distribution” »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.