Schedule: An overview of SELinux in CentOS 5
Speakers | |
---|---|
Ralph Angenendt | |
Schedule | |
Day | Sunday |
Room | H.1309 |
Start time | 10:00 |
End time | 11:00 |
Duration | 01:00 |
Info | |
Event type | Podium |
Track | CentOS + Fedora |
Language | English |
drwxr-x--x is still the normal means of security under Linux, giving access rights to data to users, groups and anyone else. This method isn't very flexible, so access rights are either granted to larger groups of people, or the administrator tears his hair out, lost in a maze of user, file and directory structures that make work more complex without making the system more secure. Enter SELinux, a security infrastructure which is integrated into the kernel and promises to make securing your system more flexible.
SELinux is a security framework which is included in the kernel of the Linux operating system. Under SELinux, files have not only the normal access rights or ACLs but also a context. You, as a user or a program, have to be able to use that context to get access - even if the normal access rights would allow you to change the file. This talk gives a short overview of SELinux and covers the tools in CentOS 5 (and Fedora) which enable you to change the behaviour of SELinux.