Fedora Core 3 Tries Out Latest SELinux

 
 
By Steven Vaughan-Nichols  |  Posted 2004-11-10 Email Print this article Print
 
 
 
 
 
 
 

Red Hat's updated community Linux distribution provides a trial run for the latest rendering of Security-Enhanced Linux, which uses Mandatory Access Control in the Linux kernel and granular permissions for users, programs, processes, files and devices.

This week saw the latest release of Red Hats community-based Linux distribution, Fedora Core 3.

While not a business release—and indeed Fedora has no official support from Red Hat Inc.—Fedora serves as a proving ground for ideas that may eventually make their way into RHEL (Red Hat Enterprise Linux).

Perhaps the most important of these new technologies being given a trial run in Fedora is the latest version of SELinux (Security-Enhanced Linux).

SELinux was first developed by the U.S. governments National Security Agency. While not intended to be a complete security solution for Linux, SELinux does strive to improve on the platforms security.

SELinux does this by implementing MAC (Mandatory Access Control) in the Linux kernel and by providing granular permissions for users, programs, processes, files and devices using the LSM (Linux Security Modules) framework. With SELinux, the administrator has precise control over all subjects (users, programs and processes) and objects (files and devices). Thus, applications, users and processes are granted only those permissions needed to function.

Fedora Core 2 also had SELinux in it, but its security restrictions were too strict for some users, so it was turned off by default. In Core 3, however, SELinux is turned on by default with a "targeted" policy.

This new policy specifically locks down only those daemons (programs that run automatically in Linux and Unix) that are known to be vulnerable to attack or are critical to system security. Programs that arent listed under the policy run using Linuxs normal security. Of course, administrators who want to push the security envelope can apply SELinuxs polices to the entire operating system.

Click here for a review of SELinux. Fedora Core 3 is built on top of the Linux 2.6.9 kernel. For a desktop, it offers the GNOME 2.8 and KDE 3.3 GUIs. The Linux distribution also comes with the Evolution 2.0 groupware client and an assortment of other common Linux office software.

While the source code is available, Red Hat provides only two binary versions of Fedora: x86-64 and i386. These are available for download from both Red Hats own site and as a bittorrent download as either a DVD image or four ISO images of the installation CD-ROMs.

The minimum requirements for a Fedora system are a 400 MHz Pentium II or better with 256 or more MBs of RAM. As always, the more system resources, the better.

Check out eWEEK.coms for the latest open-source news, reviews and analysis.
 
 
 
 
Steven J. Vaughan-Nichols is editor at large for Ziff Davis Enterprise. Prior to becoming a technology journalist, Vaughan-Nichols worked at NASA and the Department of Defense on numerous major technological projects. Since then, he's focused on covering the technology and business issues that make a real difference to the people in the industry.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel