Even if the name sounds like it: SELinux is not a Linux distribution, but stands for “Security Enhanced Linux” – a security extension for the Linux kernel plus a range of tools for users and administrators. Numerous Linux distributions – especially from the Red Hat environment – support SELinux or even pre-install it. However, users and administrators often do not use the extension out of insecurity or even deactivate it.
SELinux helps to contain the effects of program errors and security gaps and can thus save a lot of trouble – even in cases that cannot be caught or can only be caught with difficulty using Unix file permissions. The extension gives admins significantly more and better options than the classic Unix file permissions offer. On the one hand, access to files can be fine-tuned, because SELinux offers other types of access in addition to “Read”, “Write” and “Execute”. On the other hand, network ports and operating system calls can also be regulated with the extension.
Workshop for Linux admins
The c’t workshop “Securing services with SELinux” imparts the necessary knowledge to fully utilize the capabilities of SELinux. Among other things, workshop participants will learn how the “Mandatory Access Control” of SELinux differs from the “Discretionary Access Control” of classic Unix rights; how to use SELinux to secure server services and how to customize SELinux policies for applications.
The workshop is aimed at administrators who have basic TCP/IP network knowledge under Unix/Linux and can handle a little with the Unix/Linux command line – including the use of an editor such as vi, nano or emacs. The online event will take place on Tuesday, October 18, 2022 from 9 a.m. to 5 p.m. A current browser is sufficient to participate. Further information on the event and details on how to register can be found on the heise events workshop page. (dwi)
To home page