Product: SELinux: NSA’s Open Source Security Enhanced Linux

So what makes Selinux more secure than standard Linux? Primarily it is the implementation of role-based access control, sandboxing, and an audit facility that allows the system to log any attempts to exceed specified permissions. It does all this without conflicting with the normal permissions of Linux. If you are able to access a file through normal discretionary access control then the role-based mandatory access control provides additional security to determine if you can run the file or not. The only way to open a file is if both systems agree that you should be able to open it.

The author covers installation, configuration, administering, and setting up a security policy. The presentation of SeLinux is straightforward and the security model is presented in a writing style that makes it clear and understandable to the reader.

SeLinux: NSA’s Open Source Security Enhanced Linux is highly recommended as both a Linux security solution and an excellent book on how to utilize all the resources of SeLinux.
Rating: 5
0596007167
Count: 6