Red Hat brings SE Linux to Fedora

The latest beta of Fedora, an openly developed and constantly changing version of Linux sponsored by the Raleigh, N.C.-based distributor, includes SE Linux and is based on the 2.6 kernel. Enterprises are unlikely to deploy Fedora for mission-critical systems, but it does serve as a proving ground for Red Hat Enterprise Linux. RHEL 4.0 is on course for an early 2005 release and is likely to include SE Linux, said Fedora technical lead Cristian Gafton.

Red Hat hopes to hear feedback from the community on test2, in particular on the granularity of the default SE Linux security policy.

"We want to strike a balance. We don't want to make it too paranoid that it breaks things and people starting turning it off," Gafton said. "But we don't want to make it too relaxed either where people won't see the benefits and get a good perception of its benefits."

Gafton said Red Hat is working on a set of administration and configuration tools in advance of RHEL 4.0 in order to simplify the deployment and management of SE Linux.

"Setting up and maintaining SE Linux is more complex than a traditional discretionary access control model (DAC)," Gafton said. "We are working on system configuration and policy editing tools to make this easier on administrators."

Standard Linux security is based on the discretionary access control model where one superuser account has control over access permissions to resources on a network or file systems. The danger there, Gafton said, is that it creates a single point of failure. Should a hacker crack a root account, they would have the same privileges as the super use.

The link for this article located at techtarget.com is no longer available.