SELinux NSA's Open Source Security Enhanced Linux

Name: SELinux NSA's Open Source Security Enhanced Linux
Price: 7.8 USD
Availability: InStock
ISBN: 9780596007164

ISBN-10: 0596007167

ISBN-13: 9780596007164

Edition: 2005

Authors: Bill McCarty

List price: $39.95

This item qualifies for FREE shipping.

30 day, 100% satisfaction guarantee!

Buy new: $43.01

Marketplace

3 new & used from $7.80

what's this?

Rush Rewards U
Members Receive:

You have reached 400 XP and carrot coins. That is the daily max!

The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source. SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls,…

Book details

List price: $39.95
Copyright year: 2005
Publisher: O'Reilly Media, Incorporated
Publication date: 11/2/2004
Binding: Paperback
Pages: 254
Size: 6.97" wide x 9.06" long x 0.71" tall
Weight: 0.946
Language: English

Bill McCarty is a Professor of Information Technology at Azusa Pacific University, Azusa, California. Bill is also the author of over fifteen technical books and numerous papers and presentations. He serves as editor of the Honeynet Files department of the journal IEEE Security and Privacy, and directs the Azusa Pacific University Honeynet Research Project, which is affiliated with the Honeynet Project's Honeynet Research Alliance. Bill has briefed members of US organizations such as the CIA, DISA, FBI, NASA, and NSA, and non-US organizations such as the UK's CESG and GHQ, on his honeynet research. He has worked with the FBI to prevent and detect computer crimes.



Preface



Introducing SELinux


Software Threats and the Internet


SELinux Features


Applications of SELinux


SELinux History


Web and FTP Sites



Overview of the SELinux Security Model


Subjects and Objects


Security Contexts


Transient and Persistent Objects


Access Decisions


Transition Decisions


SELinux Architecture



Installing and Initially Configuring SELinux


SELinux Versions


Installing SELinux


Linux Distributions Supporting SELinux


Installation Overview


Installing SELinux from Binary or Source Packages


Installing from Source



Using and Administering SELinux


System Modes and SELinux Tuning


Controlling SELinux


Routine SELinux System Use and Administration


Monitoring SELinux


Troubleshooting SELinux



SELinux Policy and Policy Language Overview


The SELinux Policy


Two Forms of an SELinux Policy


Anatomy of a Simple SELinux Policy Domain


SELinux Policy Structure



Role-Based Access Control


The SELinux Role-Based Access Control Model


Railroad Diagrams


SELinux Policy Syntax


User Declarations


Role-Based Access Control Declarations



Type Enforcement


The SELinux Type-Enforcement Model


Review of SELinux Policy Syntax


Type-Enforcement Declarations


Examining a Sample Policy



Ancillary Policy Statements


Constraint Declarations


Other Context-Related Declarations


Flask-Related Declarations



Customizing SELinux Policies


The SELinux Policy Source Tree


On the Topics of Difficulty and Discretion


Using the SELinux Makefile


Creating an SELinux User


Customizing Roles


Adding Permissions


Allowing a User Access to an Existing Domain


Creating a New Domain


Using Audit2allow


Policy Management Tools


The Road Ahead



Security Object Classes



SELinux Operations



SELinux Macros Defined in src/policy/macros



SELinux General Types



SELinux Type Attributes


Index