LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Red Hat (https://www.linuxquestions.org/questions/red-hat-31/)
-   -   What are the security differencs between RHEL4 and RHEL5? (https://www.linuxquestions.org/questions/red-hat-31/what-are-the-security-differencs-between-rhel4-and-rhel5-636217/)

windowsnot 04-18-2008 07:24 AM
What are the security differencs between RHEL4 and RHEL5?
 
Good Morning Everyone,

Does anyone know the security differencs between RHEL4 and RHEL5?

thank you.

-windowsnot

blacky_5251 04-18-2008 07:55 AM
That's a hard question to answer. Two things come to mind:-
  • Disk encryption with LUKS
  • SELinux - MCS & MLS
SELinux is generally improved (to the point you can use it).

Are you concerned about anything specifically?

windowsnot 04-18-2008 11:24 AM
Quote:
Originally Posted by blacky_5251 (Post 3125180)
That's a hard question to answer. Two things come to mind:-
  • Disk encryption with LUKS
  • SELinux - MCS & MLS
SELinux is generally improved (to the point you can use it).

Are you concerned about anything specifically?
Thanks for the feedback...

Yes...I am more concerned with things like auditd, faillog, security relevant objects. Are they still the same in RHEL5 Has any new software been added to RHEL5 that can be considered security hazard?

My current job requires that a version of OS that has never been installed be pre-approved by our security team before it can be loaded on a system...
the IS security team would like to know what the significant differences in security are from RHEL4 to RHEL5. Of course I can't tell them because I can't load it on a system until it is approved... :cry:

They have sent me on a goose chase to find out what the differences are and present them the details so that we can officially used RHEL5 for production use...

XavierP 04-18-2008 11:33 AM
The best way to answer that is to look at the changelogs, they will tell you what is different between the 2 versions and to which version packages are at. Though frankly I would have thought that assessing security is part of the security team's remit not yours...?

windowsnot 04-18-2008 11:51 AM
Quote:
Originally Posted by XavierP (Post 3125384)
The best way to answer that is to look at the changelogs, they will tell you what is different between the 2 versions and to which version packages are at. Though frankly I would have thought that assessing security is part of the security team's remit not yours...?
You have hit the nail right on the head my friend...
but it is one of those things that you can't argue with...

Thanks for the info I will check that out...

willc 04-23-2008 09:08 AM
This may not explain the difference between RH4 and RH5 too well, but it may give you a little ammunition to make the case for 5.

From the RHEL 5 Features page:
Quote:
Security
* SELinux enhancements include Multi-Level Security and targeted policies for all services
* SEtroubleshooter GUI simplifies SELinux management
* Integrated directory and security capabilities
* IPSEC enhancements improve security and performance
* ExecShield enhancements, such as a call frame Canary word, strengthen hacker defenses
* New Audit features provide powerful new search/reporting and real-time monitoring
This page regarding RH Certifications and Accreditations explains how much attention they put into meeting the various security requirements of state/federal IT security regulations.

Hope that helps!

dasy2k1 04-23-2008 02:21 PM
would it not be better for them to install it one one non-production fully isolated test bed and then thoroughly asses that,

hardcorelinux 07-18-2008 12:47 AM
Quote:
Originally Posted by windowsnot (Post 3125375)
Thanks for the feedback...

Yes...I am more concerned with things like auditd, faillog, security relevant objects. Are they still the same in RHEL5 Has any new software been added to RHEL5 that can be considered security hazard?
Multilevel security implementation for SELinux (2.6.12)

Audit subsystem

support for process-context based filtering (2.6.17)

more filter rule comparators (2.6.17)


TCP/UDP getpeercon: enabled security-aware applications to retrieve the entire security context of a process on the other side of a socket using an IPSec security association. If only MLS-level information is needed or interoperability with legacy unix system is required, NetLabel can be used in place of IPSec.

win32sux 07-18-2008 04:04 PM
I'm moving this to Red Hat, as it's a 100% distro-specific question.

I'll leave a redirect in Security for a few days.

cmnorton 07-19-2008 12:54 PM
MySQL 5
 
You get the latest version of MySQL, instead of purchasing it in an application stack add-on.


All times are GMT -5. The time now is 11:20 PM.