Computerworld New Zealand - Security Enhanced Linux, a "hardened" version of the open-source software that was helped into existence by a U.S. spy agency, is on the verge of gaining broad acceptance, a New Zealand developer says.
Kerry Thompson, an Auckland security consultant, says the pending release of the Fedora Core 2 distribution will introduce SELinux to mainstream Linux users. Fedora is sponsored by Red Hat Inc. and built on Red Hat 9, and has been adopted by many former Red Hat community members. Red Hat Enterprise Linux 4, due early next year, will also include SELinux technology.
SELinux, produced by the National Security Agency, security companies and open-source developers, extends the Linux kernel to include a media access control (MAC) system, restricting access to system resources for users and programs. MAC makes it more difficult for a rogue user or program to take control of other processes, files or devices.
Thompson has done "a fair bit" of SELinux testing, development and documentation over recent years but hasn't yet managed to install SELinux on a client's computer.
"I haven't heard of anyone in New Zealand doing deployment," he says. "No one's used it in anger."
Fedora is likely to change that. Red Hat developers use Fedora as a testing ground for the company's enterprise distribution, so bugs and implementation issues should get attention.
Fedora Core 2 is currently available in beta release; a final version is expected next month.
At the moment, SELinux probably isn't ready for widespread production use, Thompson says.
"It's still pretty much beta software. It's still quite experimental, and it uses features that could mess up your servers and things like that," he says. "It's also debatable that people really need it." Customers that do need very secure computers are likely to use hardened Unix systems, he says, but SELinux promises much more.
"You can load a policy in the kernel of a box and tighten it down far more than you could with a normal Unix box," Thompson says.
Last week Thompson presented a demonstration of SELinux to the Auckland Linux User Group, with 23 people attending.
"But as Fedora comes out and it gets more mainstream, we expect more people will be interested in this," he says.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?