Secure Linux Practically a State Secret

In my mailbox: a review copy of O'Reilly's SELinux: NSA's Open Source Security Enhanced Linux, a new book by Bill McCarty on a Linux enhancement developed for the National Security Agency.

I wasn't familiar with this project, but the book makes it tempting to carve off a hard drive partition this afternoon and try it out. SELinux offers role-based access control and privilege escalation baked into the kernel, as described by the NSA:

This work is not intended as a complete security solution for Linux. Security-enhanced Linux is not an attempt to correct any flaws that may currently exist in Linux. Instead, it is simply an example of how mandatory access controls that can confine the actions of any process, including a superuser process, can be added into Linux. The focus of this work has not been on system assurance or other security features such as security auditing, although these elements are also important for a secure system.

One of my goals for Workbench is to offer more software and computer book reviews. If you're a publisher or author scouring the Web for press opportunities, let me know how to get on your PR mailing list.

Add a Comment

All comments are moderated before publication. These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).