SELINUX: NSA’S OPEN SOURCE SECURITY ENHANCED LINUX

Publisher: O’Reilly Media, Inc.
Language: English
ISBN: 0596007167
Paperback: 254 pages
Data: Oct 11, 2004
Format: CHM
Description: The qualifier see for a more bonded operative grouping has ofttimes mitt everyday, creation computers farther behindhand their experimental, investigate cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most reputable security-related broad to UNIX embodies the key advances of the section field. Better yet, SELinux is acquirable in distributed and favourite distributions of the UNIX operative system–including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE–all of it liberated and unstoppered source. SELinux emerged from investigate by the National Security Agency and implements artist strong-security measures much as role-based admittance controls, dominion admittance controls, and fine-grained transitions and permit escalation mass the generalisation of diminutive privilege. It compensates for the fateful pilot overflows and another weaknesses in applications by isolating them and preventing flaws in digit covering from broad to others. The scenarios that drive the most cyber-damage these days–when someone gets a toe-hold on a machine finished a danger in a topical networked application, much as a Web server, and parlays that toe-hold into general curb over the machine system–are prevented on a right administered SELinux system. The key, of course, lies in the text “properly administered.” A grouping chief for SELinux needs a panoramic arrange of knowledge, much as the principles behindhand the system, how to distribute assorted privileges to assorted groups of users, how to modify policies to alter newborn software, and how to index and road what is feat on. And this is where SELinux is invaluable. Author Bill McCarty, a section consultant who has briefed numerous polity agencies, incorporates his qualifier investigate into SELinux into this diminutive but information-packed book. Topics include:
A readable and objective account of SELinux concepts and the SELinux section model
Installation manual for numerous distributions
Basic grouping and individual administration
A careful dissection of the SELinux contract language
Examples and guidelines for altering and adding policies
With SELinux, a high-security machine is within accomplish of some grouping administrator. If you poverty an trenchant effectuation of securing your UNIX system–and who doesn’t?–this aggregation provides the means.