-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Eric Christensen wrote:
SELinux is addressed in a completely separate guide.
Then that should be SCREAMED from the first line of this guide.
SELinux is a fundamental Security attribute of Fedora, and you guide is the Fedora/Linux Secutity Guide. But your document treats it like it is an afterthought.
If I pick up a Fedora/Linux Security Guied and do not see SELinux right a way, I am very confused.
I had to search the guide for the work SELinux and it is mentioned
First mention of selinux is on Page 33, as a footnote.
Page 33: .3 This access is still subject to the restrictions imposed by SELinux, if it is enabled.
Next reference Page 145:
15. restore default SELinux security contexts: /sbin/restorecon -v -R /home
Page 150:
? use security-enhancing software and tools, for example, Security-Enhanced Linux (SELinux) for Mandatory Access Control (MAC), Netfilter iptables for packet filtering (firewall), and the GNU Privacy Guard (GnuPG) for encrypting files.
Then Chapter 7 Under references you finally give information on SELinux, but the guide you refer to is buried under several semi-useful links.
...
Community Fedora SELinux User Guide http://docs.fedoraproject.org/selinux-user-guide/
So why not in your Introduction to Security section explain what this guide will not cover? SELinux and refer to the guides that do cover it there.
I