[CentOS] Getting ready for CentOS 5.4
Chan Chung Hang Christopher
christopher.chan at bradbury.edu.hk
Mon Mar 30 13:29:23 UTC 2009
>> With sudo disabled, the cracker must also have a local exploit that gets
>> past SELinux. Assuming Ubuntu supports SELinux (does it?)
>>
>
> No, it comes with AppArmor instead.
>
>
There are trappings of selinux in Intrepid if not Hardy.
Package: libselinux1
escription: SELinux shared libraries
This package provides the shared libraries for Security-enhanced
Linux. Security-enhanced Linux is a patch of the Linux kernel and a
number of utilities with enhanced security functionality designed to
add mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement, Role-based Access
Control, and Multi-level Security.
.
libselinux1 provides an API for SELinux applications to get and set
process and file security contexts and to obtain security policy
decisions. Required for any applications that use the SELinux API.
More information about the CentOS
mailing list