shn
02-21-2004, 10:37 PM
On a traditional Linux system, permissions and access control to files and processes are controlled completely by users. root is all powerful, and programs inherit a user's rights, meaning that when a program is compromised, that user is also compromised. In cases of a program run as root, that means the attacker has access to the whole system.
In the SELinux method, access is provided by a security policy set by the administrator and enforced by the system. There is no "all powerful root user".
Debian and Gentoo have already adopted such a method some time ago. However if you do not use one of thoose distributions it is a good idea to consider implementing SELinux if you maintain a server, or if you are responsible for maintaining a secure Linux enviorment.
You may download (http://www.nsa.gov/selinux/src-disclaim.html) SELinux from The Narional Security Agency (http://www.nsa.gov/selinux/index.html)
I only recommend this for novice Linux users.
shn
In the SELinux method, access is provided by a security policy set by the administrator and enforced by the system. There is no "all powerful root user".
Debian and Gentoo have already adopted such a method some time ago. However if you do not use one of thoose distributions it is a good idea to consider implementing SELinux if you maintain a server, or if you are responsible for maintaining a secure Linux enviorment.
You may download (http://www.nsa.gov/selinux/src-disclaim.html) SELinux from The Narional Security Agency (http://www.nsa.gov/selinux/index.html)
I only recommend this for novice Linux users.
shn