Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.
Launchpad entry: selinux-by-default
Packages affected:
Summary
SELinux is a security infrastructure providing many benefits for server and enterprise desktop administrators. It has been well tested by Red Hat in both their Fedora Core and RHEL offerings and there's a growing community built around it. There are now useful policies and tools to manage SELinux. This spec wishes to investigate whether enabling SELinux by default in Ubuntu is a viable goal, and what the best method is for achieving that.
Rationale
MACLs are a useful security feature enabling fine-grained control of a system. In certain circumstances, they can mitigate vulnerabilities in software and also help defend against viruses and hackers.
Use cases
Scope
Design
Implementation
Code
Data preservation and migration
Unresolved issues