SELinuxByDefault

Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

  • Launchpad entry: selinux-by-default

  • Packages affected:

Summary

SELinux is a security infrastructure providing many benefits for server and enterprise desktop administrators. It has been well tested by Red Hat in both their Fedora Core and RHEL offerings and there's a growing community built around it. There are now useful policies and tools to manage SELinux. This spec wishes to investigate whether enabling SELinux by default in Ubuntu is a viable goal, and what the best method is for achieving that.

Rationale

MACLs are a useful security feature enabling fine-grained control of a system. In certain circumstances, they can mitigate vulnerabilities in software and also help defend against viruses and hackers.

Use cases

Scope

Design

Implementation

Code

Data preservation and migration

Unresolved issues

BoF agenda and discussion


CategorySpec

SELinuxByDefault (last edited 2008-08-06 16:22:41 by localhost)