Today, prudent system administrators defend their machines with a multi-layered security approach, using firewalls, automated patch management systems, sudo, fine tuning system access, log analysis tools and, recently, SELinux. SELinux provides additional Mandatory Access Controls beyond those traditionally provided in the UNIX security model. Recent Red Hat Enterprise Linux and Fedora Linux releases have an SELinux policy implementation called the “targeted policy”. SELinux aims to restrict the privileges of programs in multiple packages to the minimum required for correct operation. This can thwart an attack that depends on having read, write or execute access to certain files or directories.
Last Modified: 29 Nov, 2015 at 23:19:32