Practical Technology

for practical people.

How to set up SELinux right, the first time

Twenty years ago, when it became apparent how important Linux would become, the U.S. National Security Agency created a mandatory access control (MAC) architecture for Linux. As in other realms, security is always important, but sometimes it’s especially important. From its creation and extending to today, Security-Enhanced Linux (SELinux) has blocked tampering threats and prevented attempts to bypass application security.

I hasten to stress that you should not adopt SELinux just because the extra-robust security functionality exists. Yes, I know how much security matters to your business, but SELinux isn’t for everyone. Running SELinux takes extra time, requires far more hands-on involvement than other Linux distributions, and demands deep knowledge about Linux architecture.

How to set up SELinux right, the first time More>

Comments are closed.