SELinux…the future of Linux?

Many of you may have heard recently that Fedora Core 3 contains “SELinux” or Security Enhanced Linux.  Then you may just say, “hmm..how bout that” and move on.  Most of us don’t realize what SELinux actually is and where it came from.  Recently there is a new book entitled, “SELinux NSA’s Open Source Security Enhanced Linux” that has been published by Bill McCarty for the O’Reilly Network.

I first noticed and downloaded SELinux about 2 years ago when there was no documentation supporting anything with it.  I installed it, configured it, and had a server set up in about a day.  I’ll have to say that it is just as easy to work on as a slackware box and most of my documentation issues were solved in slackware forums.  Does this mean it utilizes packages from slack?  No…everything is from source but there isn’t any cool portage or emerge system to manage things.  You simply have to know what you’re doing.  But recently, Distributions are now packaging the secure functions of SELinux into their respected distros.

From the LinuxInsider article, “In December 2000, researchers at the U.S. National Security Agency (NSA) working with Network Associates and MITRE released a B1 Class operating system to the public known as SELinux. Although many Linux professionals have heard of SELinux, few recognize that its heritage reaches back to the work of David Bell and Leonard LaPadula, work begun in 1973. Bell and LaPadula’s work helped define the criteria that make up the U.S. Government’s Trusted Computer System Evaluation Criteria (TCSEC).”

There is much attention focused by some of the more cutting edge distributions like Fedora Core, Gentoo and the beta release of Red Hat Enterprise Linux 4. The question becomes, will other distros follow? Should they follow? I think the answer is a definitive yes on this issue.? But if all distros flock to this standard will it lessen its importance?  Perhaps.  Perhaps it will become ‘run of the mill’ and assumed until the next big thing comes along.  And perhaps it won’t.

Source:   http://www.linuxjournal.com/article/7955

Author: devnet

devnet has been a project manager for a Fortune 500 company, a Unix and Linux administrator, a Technical Writer, a System Analyst, and a Systems Engineer during his 20+ years working with Technology.

Creative Commons License
Except where otherwise noted, the content on this site is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.