On 07.11.2005, at 18:27, Tim Watkins wrote: > > ... > Is Trustix implementing SELiunx? > right now I'm not aware of SELinux related implementations. > > > If not what makes it so secure?
why do you think just the awareness of SELinux code makes linux "so secure"? the FAQ of SELinux states: http://www.nsa.gov/selinux/info/faq.cfm#I1 What is Security-enhanced Linux? Security-enhanced Linux is a research prototype of the Linux® kernel and a number of utilities with enhanced security functionality designed simply to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. So SELinux is security enhancement for organisational risks, not risks related to unsane default installations, bad packaging and overall unneeded functions for a server operating system. Trustix was created to address the named problems, and some more that I can't think of right now. I would like to point you to the trustix development policy, which gives some idea what is part of the TSL thinking, and how to create a secure environment for your services with trustix. http://www.trustix.org/content/view/21/65/ just my two cents ... matthias _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
