The SELinux mandatory access controls go much beyond the file and process access controls. One of the features provided by SELinux is controlling network communications. By default, the socket-based access control mechanism is used for general network access controls, but more detailed approaches are also possible.
SELinux System Administration
By :
SELinux System Administration
By:
Overview of this book
NSA Security-Enhanced Linux (SELinux) is a set of patches and added utilities to the Linux kernel to incorporate a strong, flexible, mandatory access control architecture into the major subsystems of the kernel. With its fine-grained yet flexible approach, it is no wonder Linux distributions are firing up SELinux as a default security measure.
SELinux System Administration covers the majority of SELinux features through a mix of real-life scenarios, descriptions, and examples. Everything an administrator needs to further tune SELinux to suit their needs are present in this book.
This book touches on various SELinux topics, guiding you through the configuration of SELinux contexts, definitions, and the assignment of SELinux roles, and finishes up with policy enhancements. All of SELinux's configuration handles, be they conditional policies, constraints, policy types, or audit capabilities, are covered in this book with genuine examples that administrators might come across.
By the end, SELinux System Administration will have taught you how to configure your Linux system to be more secure, powered by a formidable mandatory access control.
Table of Contents (13 chapters)
SELinux System Administration
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Fundamental SELinux Concepts
Understanding SELinux Decisions and Logging
Managing User Logins
Process Domains and File-level Access Controls
Controlling Network Communications
Working with SELinux Policies
Index
Customer Reviews