Linux Security Modules
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all, Has anyone implemented LSM into a SuSE box as of yet? I tried a quick text search through the last 6 months or so of the list archive, but found no instance of this topic. I am particularly interested in utilizing the SELinux module. Possibly LIDS as well. Thanks. - -- Thomas Jones Linux-Howtos Network Administrator OpenGPG Key: 0x6A3DF6E9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE+/wkhQT2komo99ukRAhPUAKDGaNz1YDeRPsFGjxjDaqSkWMhL5QCeIsu2 P0uUg9SAwFVf/tNwngn2e3k= =hUnf -----END PGP SIGNATURE-----
Hello Thomas,
* Thomas Jones
Has anyone implemented LSM into a SuSE box as of yet? I tried a quick text search through the last 6 months or so of the list archive, but found no instance of this topic.
I am particularly interested in utilizing the SELinux module. Possibly LIDS as well.
Yes, Carsten Grohmann has been maintaining SELinux-rpms for SuSE for a while now. They can be found at his site http://www.securityenhancedlinux.de/ These are definitely worth a look because SELinux needs some patching of core-utilities, which is some work if you do it yourself as the SuSE-packages may differ significantly from the vanilla-packets (added functionality, patched etc) I haven't found the time to test Carsten's packets yet, so I can't say much more. I have cc'ed Carsten, maybe he wants to comment further on his work and the status of SELinux on SuSE. Regarding LIDS: I do not know of any SuSE-specific work at the moment, but LIDS does not need that much patching, so the distribution-specific amount of work should not be that big. I have not yet tested LIDS (I am leaning more towards SELinux) so you should take this with a grain of salt. HTH, Thomas
Thanks.
- -- Thomas Jones Linux-Howtos Network Administrator OpenGPG Key: 0x6A3DF6E9 -- This text is printed on 100% recycled electrons.
participants (2)
-
Thomas Bleher
-
Thomas Jones