Securing Linux, Part 2: Planning the installation (IBM developerWorks) [LWN.net]

Securing Linux, Part 2: Planning the installation (IBM developerWorks)

Posted Nov 17, 2004 14:48 UTC (Wed) by walters (subscriber, #7396)
In reply to: Securing Linux, Part 2: Planning the installation (IBM developerWorks) by flewellyn
Parent article: Securing Linux, Part 2: Planning the installation (IBM developerWorks)

I'm not sure if you're agreeing or disagreeing with me.

I agree that you need some sort of plan before installing SELinux. There are a number of things they could have mentioned in this article that are important to consider pre-installation. For example:

Which policy to use? targeted or strict?
Do all the daemons you're going to run have policy written for them? Are there alternative daemons that do have policy?
Will your users understand file labeling?
Are the default policy's user_r and staff_r roles sufficient for the user categories you've identified, or do new roles need to be defined?

(Log in to post comments)

Securing Linux, Part 2: Planning the installation (IBM developerWorks)

Posted Nov 17, 2004 18:02 UTC (Wed) by flewellyn (subscriber, #5047) [Link]

I'm not disagreeing with the importance of SELinux, just pointing out that their failing to mention
it in this article doesn't necessarily constitute an oversight. They may be holding off until the
next article.

That's all.