Just a few months after releasing code for its internal research efforts to build a more secure Linux, the National Security Agency has taken the next step to make sure the project gets completed.
Last month, the NSA announced that it will fund a $1.2 million, two-year development effort for its SELinux (Security-Enhanced Linux) project.
SELinux adds mandatory access controls to Linux, a key feature of secure-by-design operating systems. These controls prevent users from setting insecure permissions on files, even on files theyve created.
SELinux also lets administrators associate programs with security profiles that specify exactly which data files and what kind of network resources a program can access. This “sandboxing” feature is needed to defend against buffer overflows and other common application security bugs.