Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
SELinux: Bring World-Class Security to Any Linux Environment!
SELinux offers Linux/UNIX integrators, administrators, and developers a state-of-the-art platform for building and maintaining highly secure solutions. Now that SELinux is included in the Linux 2.6 kernel–and delivered by default in Fedora Core, Red Hat Enterprise Linux, and other major distributions–it’s easier than ever to take advantage
of its benefits.
SELinux by Example is the first complete, hands-on guide to using SELinux in production environments. Authored by three leading SELinux researchers and developers, it illuminates every facet of working with SELinux, from its architecture and security object model to its policy language. The book thoroughly explains SELinux sample policies– including the powerful new Reference Policy–showing how to quickly adapt them to your unique environment. It also contains a comprehensive SELinux policy language reference and covers exciting new features in Fedora Core 5 and the upcoming Red Hat Enterprise Linux version 5.
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 7
Clear style; Useful real-world examples; Good reference section
Not for new users
"SELinux by Example" is a well-written book that presents a primer on the SELinux framework as well as a number of useful real-world examples of the use of SELinux. Chapters include study points and questions to help insure you have mastered a given set of topics before you move on to more advanced topics.
Users new to Linux administration should first make sure they have a strong understanding of the default Linux security and permissions model. While "SELinux by Example" describes SELinux from the ground up, it does assume a fair amount of knowledge about Linux administration.
The examples in the book provide a clear definition of an SELinux policy as well as explanations of how each component of the policy is applied and the purposes of those components.
The book ends with a comprehensive reference guide to the SELinux Policy Language, making it an invaluable reference to those already familiar with SELinux. The index to the book provides more insight into many parts of the syntax.
"SELinux by Example" is an absolute benefit to anyone who is tasked with administering a Security-Enhanced Linux system, whether it is their first experience with SELinux or they are a seasoned veteran administrator.
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8
--- DISCLAIMER: This is a requested review by PTR, however any opinions expressed within the review are my personal ones. ---
The book SbE comes in 3 parts and additionally with 45 page strong Appendix
containing more detailed information where to get additonal information from.
Part I - A general overview (p. 1-55)
Part II - The SELinux Policy language (p. 57-236)
Part III - Creating and writing SELinux Security Policies (p. 237 - 362)
Appendix A (p. 364 - 409)
The book is mainly about policies itself and how to implement them.
Writing those policies is most of the time a time intensive and error prone task.
Readers planning on understanding SELinux should bring some time with them to fully understand and appreciate
the examples given for the "example" policy (f.e. strict or targeted) and the "reference" policy.
Whats going to prove useful is the hints given towards which trade-offs you may need to take when deciding
f.e. to use the strict policy. While the topic itself might seem dry for many readers the book will prove
useful for those genuinely interested.
The book does describe the most useful tools to put the reader straight on track and avoid loosing time.
The lovely prepared useful details like the 17 page index are a nice feature you will find yourself refering
to when in need. Some readers might find that they better leave the setup of SELinux to professional service
companies, but still the book serves to get an understanding what you can and possibly cant do with SELinux.
Many readers might also find the report useful provided at