Secure Oracle Linux with SELinux

Publish date:

Oracle Linux, as most modern Linux kernels ship with the option of SELinux. Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC). Originally developed by Dan Walsh from Redhat and backed by research from the […]

Oracle Linux, as most modern Linux kernels ship with the option of SELinux. Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC). Originally developed by Dan Walsh from Redhat and backed by research from the National Security Agency (NSA) SELinux is finding its place in more and more Linux implementations. 

In essence SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement. This will help you to harden your system and enforce more strict security rules. 

Generally speaking the implementation of SELinux on your Oracle Linux installations is a good idea and will help you to raise your level of security. Issue with SELinux is that it is a not well understood solution which is often seen as a hinder rather then an addition to your system. To Promote SELinux and to provide more information Oracle has released the below video which can help you to understand SELinux in more detail and to help you understand why this should be included in your archtecture for systems that are responsible for critical business processes and/or old critical and confidential data. 

More on the subject of SELinux can be found on johanlouwers.blogspot.com or the oracle.com website. 

For more information about this topic, feel free to contact Johan Louwers directly via johan.louwers@capgemini.com

Related Posts

Cybersecurity

Is your Operational Technology (OT) environment insider safe?

Dan Leyman
Date icon September 8, 2020

Organizations need to exercise due diligence and care to ensure their vendors, contractors,...

Cybersecurity

Unlocking the power of AI and SOAR for end-to-end cybersecurity

Geert van der Linden
Date icon September 3, 2020

For AI to work effectively, organizations need to build a roadmap that addresses...

Cybersecurity

Identity access management (IAM) – the new normal

Dino Karanikas
Date icon August 27, 2020

Having an upgraded IAM plan in place will not only let you sleep better at night; it will...