Fedora/Linux Security Guide
Daniel J Walsh
dwalsh at redhat.com
Wed Mar 11 14:55:05 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eric Christensen wrote:
> SELinux is addressed in a completely separate guide.
Then that should be SCREAMED from the first line of this guide.
SELinux is a fundamental Security attribute of Fedora, and you guide is
the Fedora/Linux Secutity Guide. But your document treats it like it is
an afterthought.
If I pick up a Fedora/Linux Security Guied and do not see SELinux right
a way, I am very confused.
I had to search the guide for the work SELinux and it is mentioned
First mention of selinux is on Page 33, as a footnote.
Page 33:
.3 This access is still subject to the restrictions imposed by SELinux,
if it is enabled.
Next reference
Page 145:
15. restore default SELinux security contexts: /sbin/restorecon -v -R /home
Page 150:
? use security-enhancing software and tools, for example,
Security-Enhanced Linux (SELinux) for
Mandatory Access Control (MAC), Netfilter iptables for packet
filtering (firewall), and the GNU
Privacy Guard (GnuPG) for encrypting files.
Then Chapter 7 Under references you finally give information on SELinux,
but the guide you refer to is buried under several semi-useful links.
...
Community
Fedora SELinux User Guide
http://docs.fedoraproject.org/selinux-user-guide/
So why not in your Introduction to Security section explain what this
guide will not cover? SELinux and refer to the guides that do cover it
there.
I
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkm30MkACgkQrlYvE4MpobMLogCfVMPEPLWBj4CIkh9zqVihe5nF
PR0An3QfUDkROZi2Y2qzoT3Cmztu2YhI
=yo5d
-----END PGP SIGNATURE-----
More information about the security
mailing list