FOSDEM '08 is a free and non-commercial event organised by the community, for the community. Its goal is to provide Free and Open Source developers a place to meet.


Schedule: SELinux don't just switch it off

Jens Kuehnel
Day Saturday
Room H.1309
Start time 15:00
End time 16:00
Duration 01:00
Event type Podium
Track CentOS + Fedora
Language English
SELinux don't just switch it off

Security-Enhanced Linux (SELinux) is a Linux feature that provides a variety of security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD.

Its architecture strives to streamline the volume of software charged with security policy enforcement, which is closely aligned with the TCSEC (Orange Book) requirement for TCB minimization (applicable to evaluation classes B3 and A1) but is quite unrelated to the least privilege requirement (B2, B3, A1) as is often claimed. The germinal concepts underlying SELinux can be traced to several earlier projects by the U.S. National Security Agency.