Announcing the third test release of Fedora Core 2
Stephen Smalley
sds at epoch.ncsc.mil
Wed Apr 28 14:20:24 UTC 2004
On Wed, 2004-04-28 at 10:05, Jay Daniels wrote:
> I will have to catch up on some reading. I thought SELinux was a
> modified kernel published by the government!
The kernel security framework and module for SELinux are in mainline
Linux 2.6. So all 2.6-based Linux distros should at least have the
SELinux kernel code.
> Why would Fedora even include it or does it just include support for
> SELinux?
The plan to incorporate SELinux into Fedora Core 2, including the
necessary userland and policy integration, was announced long ago. But
you have the option to disable it, and it is disabled by default
presently.
> I do not think most users here would need SELinux.
SELinux provides a flexible mechanism for enforcing security policies;
you can configure it for your specific security needs.
See the paper available from
http://www.nsa.gov/selinux/papers/inevit-abs.cfm for a discussion of why
such a mechanism is important.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the users
mailing list