SELinux, da ili ne

Šta je SELinux :
“Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism implemented in the kernel. SELinux follows the model of least-privilege; by default everything is denied and then a policy is written that gives each element of the system only the access required to function. This reduces or eliminates the ability of these programs and daemons to cause harm when compromised. SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux users and roles are not related to the actual system users and roles, and it has no concept of “root” user.”

Pošto je u samom kernelu, radi veoma brzo, i aplikacije ne moraju posebno da mu se prilagođavaju.
Sa druge strane, ako vam nešto iz potpuno misterioznih razloga ne radi, isključite SELinux, i verovatno će proraditi…
Dakle, koristiti ga ili ne?
Pa i ne, sem ako niste ZBILJA dobri sa nim, bar po mom misljenju.

Dobar link : SELinux za početnike.

This entry was posted in Linux and tagged . Bookmark the permalink.

Comments are closed.