Manage Learn to apply best practices and optimize your operations.

Details on getting and installing SEL (security-enhanced Linux)

How do I get SEL (security-enhanced Linux)? Does it come with distributions, or does it require a separate install?
SEL (security-enhanced Linux) (licensed by the GPL) is actually integrated into the standard 2.6 kernel (as of 8/2003), as well as on some Linux distributions. It is available either as a download, or you can use the distribution that already includes support for SELinux. With the download, you can install just the SELinux modifications on an existing Linux platform (check your distributions SEL support page).

It is important to note that when installing SEL on a Linux distribution that lacks official SELinux support (such as SUSE), you must compile the software and also have other necessary system packages. SELinux itself consists of an SELinux-enabled Linux kernel, which is a core set of libraries and utilities, some modified packages, and a policy configuration.

For example, Fedora cores 5 and 6, RHEL5, Hardened Gentoo and Debian etch, all are not only supported, but even have all SEL's recent technology enhancements integrated into their distributions. Some of these new innovations includes references polices, loadable modules and policy management infrastructure. It is important to reiterate that SELinux is not presently supported in the SuSE (and many others as well) Linux distribution.

While SLES9 has held an EAL4+ certification for awhile now and was also built around the 2.6 Linux kernel, Novell has not been a vocal supporter of SEL. Their public stance has been that the technology is just too complicated for users to implement successfully. A lot has changed recently with the new features of SEL (as well as the tighter integration with supported distributions), which make it much simpler to work with and perhaps could cause some future policy changes at Novell.

Dig Deeper on Linux servers

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.