Also, SELinux extends past file permissions to included resources like network ports. Only one security system can be included in a system, although they coexist with the standard Linux file permission scheme, and Linux has pluggable support for security to allow different systems to be employed. Embedded Linux implementations built with Yocto can include a MAC option. Another MAC available with Suse and Ubuntu Linux is AppArmor. There is also the POSIX access control list (ACL) support, but this is discretionary access control (DAC) versus SElinux’s mandatory access control (MAC). Nor is SELinux the only security option other than the standard user/group file permission support that is available with all Linux implementations. It is also available in many embedded Linux incarnations. SELinux support can take the form of any number of Linux distributions, like Red Hat Enterprise Linux (RHEL). All the same, don’t do it!įor those who don’t use Linux, SELinux is a security enhancement to it that supports mandatory access controls. And yes, disabling security features-like turning off SELinux-will allow software to run. Most recommendations on sites like StackOverflow and Reddit say to do it in order to get software to work.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |