The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. SELinux dramatically changes this situation. Now an operating system embodying the key advances of the security field (such as role-based access controls, mandatory access controls, and fine-grained transitions with privilege escalation following the principle of least privilege) is available in widespread and popular distributions of the Linux operating system-all of it free and open source.
An SELinux system administrator needs a wide range of knowledge, and that's what this book offers. It explains in clear, precise, and practical language the key information you need to know, including the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research of SELinux into this small but information-packed book. Topics include:
- A readable and concrete explanation of SELinux concepts and the SELinux security model
- Installation instructions for numerous distributions
- Guidelines for basic system and user administration
- A detailed dissection of the SELinux policy language
- Examples and guidelines for altering and adding policies
How can you benefit from SELinux? It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage nowadays- where someone gets a toehold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toehold into pervasive control over the computer system-are prevented on an SELinux system, if you follow the procedures explained in this book.
SELinux grew out of research at the U.S. National Security Agency. With varying degrees of integration and support, SELinux is available for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE.
L'auteur Bill McCarty
Bill McCarty is associate professor of management information systems in the School of Business and Management of Azusa Pacific University, Azusa, California, and was previously associate professor of computer science, in which capacity he taught for ten years in Azusa Pacific's Master of Applied Computer Science program. Bill holds a Ph.D. in the management of information systems from the Claremont Graduate University, Claremont, California, and worked for 15 years as a software developer and manager.
- Introducing SELinux
- Overview of the SELinux Security Model
- Installing and Initially Configuring SELinux
- Using and Administering SELinux
- SELinux Policy and Policy Language Overview
- Role-Based Access Control
- Type Enforcement
- Ancillary Policy Statements
- Customizing SELinux Policies
- Security Object Classes
- SELinux Operations
- SELinux Macros Defined in src/policy/macros
- SELinux General Types
- SELinux Type Attributes
Caractéristiques techniques du livre "SELinux NSA's Open Source Security Enhanced Linux"
|Nb. de pages||238|
|Format||17,5 x 23,5|
|Intérieur||Noir et Blanc|
Livraison à partir de 0,01 € en France métropolitaine (1)
Paiement en ligne SÉCURISÉ
Livraison dans le monde
Retour sous 15 jours
+ de 700 000 livres disponibles