Ask the Expert

Details on getting and installing SEL (security-enhanced Linux)

How do I get SEL (security-enhanced Linux)? Does it come with distributions, or does it require a separate install?

    Requires Free Membership to View

SEL (security-enhanced Linux) (licensed by the GPL) is actually integrated into the standard 2.6 kernel (as of 8/2003), as well as on some Linux distributions. It is available either as a download, or you can use the distribution that already includes support for SELinux. With the download, you can install just the SELinux modifications on an existing Linux platform (check your distributions SEL support page).

It is important to note that when installing SEL on a Linux distribution that lacks official SELinux support (such as SUSE), you must compile the software and also have other necessary system packages. SELinux itself consists of an SELinux-enabled Linux kernel, which is a core set of libraries and utilities, some modified packages, and a policy configuration.

For example, Fedora cores 5 and 6, RHEL5, Hardened Gentoo and Debian etch, all are not only supported, but even have all SEL's recent technology enhancements integrated into their distributions. Some of these new innovations includes references polices, loadable modules and policy management infrastructure. It is important to reiterate that SELinux is not presently supported in the SuSE (and many others as well) Linux distribution.

While SLES9 has held an EAL4+ certification for awhile now and was also built around the 2.6 Linux kernel, Novell has not been a vocal supporter of SEL. Their public stance has been that the technology is just too complicated for users to implement successfully. A lot has changed recently with the new features of SEL (as well as the tighter integration with supported distributions), which make it much simpler to work with and perhaps could cause some future policy changes at Novell.

This was first published in August 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: