O'Reilly has published a book about the National Security Agency's (NSA's) security-enhanced Linux. “SELinux: NSA's Open Source Security Enhanced Linux,” by Bill McCarty, targets typical sysadmins wanting to understand and maintain SELinux-based distributions such as Red Hat Enterprise Linux 4, expected Q1, 2005.

Several other Linux distributions employ SELinux technology, including Fedora Core, Gentoo, SuSE, and Sysgo's ELinOS embedded Linux distribution.

SELinux implements role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege, according to McCarty. It prevents flaws in one application, such as buffer overflows, from spreading to others. And, recent improvements have made SELinux easier to use, more robust, and more dependable.

McCarty's book covers SELinux principles, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on.

McCarty said, “I now believe that SELinux is the most important computing technology for Linux users that I've seen in the last several years. Properly configured SELinux systems are expected to be highly resistant to compromise.”

Availability

The 254-page book is available in stores or direct from O'Reilly, priced at $39.95. A sample chapter, table of contents, index, and author bio are also available online.

 
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.