Stephen Smalley wrote:
On Wed, 2004-04-28 at 10:05, Jay Daniels wrote:
I will have to catch up on some reading. I thought SELinux was a
modified kernel published by the government!
The kernel security framework and module for SELinux are in mainline
Linux 2.6. So all 2.6-based Linux distros should at least have the
SELinux kernel code.
Why would Fedora even include it or does it just include support for
SELinux?
The plan to incorporate SELinux into Fedora Core 2, including the
necessary userland and policy integration, was announced long ago. But
you have the option to disable it, and it is disabled by default
presently.
I do not think most users here would need SELinux.
SELinux provides a flexible mechanism for enforcing security policies;
you can configure it for your specific security needs.
See the paper available from
http://www.nsa.gov/selinux/papers/inevit-abs.cfm for a discussion of why
such a mechanism is important.
OMG! The NSA 8 my cookies. :-P