[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re: Erich Schubert: SELinux support is a release goal for etch

(Please CC: me, I'm not in the list)

Uwe Hermann said:
Is there any quickstart document I should read to get myself up to speed?
Any TODO list for Debian which contains items a SELinux newbie could

Maybe that is one of the things that prevents users and developers from running or enabling SElinux, there is currently not much information to describe what a user needs to do in Debian in order to benefit from it. What's more, if you Google it out you might end up with bits that are not updated and do not apply anymore.

Manoj gave an excellent talk on SElinux at Debconf6, and the wiki points to three different pages [0]

The Debian Security Manual does not currently have a section on SELinux, it is only mentioned, in passing at the "Adding kernel patches" section [1]

I would gladly add a separate section on SElinux to the Manual if somebody from the team would write one. It doesn't have to be excessively detailed, it could maybe be written based on Manoj's [2] or Russel's [3] pages. But somebody has to do it (maybe even talk to Manoj to get him to attach a proper license to this brief HOWTO so that it can be reused in the Manual)

I'm not knowledgeable enough on SELinux to do it myself, and I cannot spare time to tinker with it, but if someone where to do it I think that might spur more users and developers...

My 2c.


[0] http://wiki.debian.org/SELinux, http://wiki.debian.org/SELinuxSetup and http://wiki.debian.org/SELinuxStatus

[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s-kernel-patches

[2] http://www.golden-gryphon.com/software/security/selinux.xhtml

[3] http://www.coker.com.au/selinux/

Reply to: