On Wed, 2004-04-28 at 10:20, Stephen Smalley wrote: > On Wed, 2004-04-28 at 10:05, Jay Daniels wrote: > > I will have to catch up on some reading. I thought SELinux was a > > modified kernel published by the government! > > The kernel security framework and module for SELinux are in mainline > Linux 2.6. So all 2.6-based Linux distros should at least have the > SELinux kernel code. > > > Why would Fedora even include it or does it just include support for > > SELinux? > > The plan to incorporate SELinux into Fedora Core 2, including the > necessary userland and policy integration, was announced long ago. But > you have the option to disable it, and it is disabled by default > presently. > > > I do not think most users here would need SELinux. > > SELinux provides a flexible mechanism for enforcing security policies; > you can configure it for your specific security needs. > See the paper available from > http://www.nsa.gov/selinux/papers/inevit-abs.cfm for a discussion of why > such a mechanism is important. > > -- > Stephen Smalley <sds@xxxxxxxxxxxxxx> > National Security Agency For those running web servers, or any server at all, SELinux will mean a significantly increased site security. Linux grew up around, and because, of the internet, SELinux will only help it's growth in this arena. Am I paranoid?? Yes, with all those crackers out there definitely!! -- jludwig <wralphie@xxxxxxxxxxx>
