Gregory P. Ennis wrote:
On Fri, 2006-06-09 at 14:24 +0100, Paul Howarth wrote:
SELinus is far from being window-dressing; when configured properly it
is capable of restricting each process to the minimum capabilities that
that process needs to do its job, and most exploits require that
processes be circumvented to so something else, hence SELinux offers
protection against those exploits.
Paul.
I really like the idea of SELinux, but have had to turn it to permissive
mode until I can learn how to tweak it for my purposes. I just have not
had the time to do this yet. Are their tutorials you would recommend.
On one of my trips to Barnes and Knoble I looked for some published work
on SELinux but could not find anything.
You'll struggle to find anything in print that's up to date. Probably
the best place to start is:
http://fedoraproject.org/wiki/SELinux
Paul.