In a preview of his LinuxWorld Conference & Expo workshop, Shankar said that the biggest benefit of SELinux is that systemwide policies automatically and absolutely enforce access controls. No one gets the unrestricted access of a "root" superuser; instead, each user is confined to what he needs to know, he said. In the case of a breach, an intruder is boxed in and can destroy only a portion of the system, he said.SELinux successful implementations
SELinux, or Security Enhanced Linux, is an effort initiated by the National Security Agency some years ago to rearchitect the Linux kernel to incorporate secure access controls. Its access restrictions can help commercial businesses such as financial institutions, which need to safeguard credit and personnel information, although SELinux can easily handle the even more granular levels of security requirements of the U.S. government and military services, he said.
SELinux has the support of most -- but not all -- the major Linux players. IBM has been actively involved in developing these controls for seven or eight years and has worked with Red Hat Inc., which "pioneered" efforts to integrate SELinux into Red Hat Enterprise Linux 4 and 5, Shankar said. Ubuntu and Gentoo supporters are also in the process of incorporating SELinux into their distributions, but Novell Inc. has taken a different approach to secure access to SUSE Linux Enterprise, Shankar said. In June 2007, IBM also completed a more elaborate, multilevel access control system for the military, he added.
A year ago, IBM completed a successful pilot of SELinux for the British government, incorporating it into a procurement website developed with IBM WebSphere for the Cabinet, he said. The pilot achieved its goals but Shankar did not know whether the technology had been put into production.
Relating a success story, Shankar said SELinux forestalled an attempted breach a year and a half ago that could have compromised several hundred servers. The intruders attempted to gain access by overflowing the buffer zone with data but were unsuccessful, he said.
Even with SELinux access controls, computer systems are still vulnerable to other means of unauthorized access, but SELinux buys time, preventing an attack from occurring and giving IT staff the opportunity to install a patch or do an update to remedy the weakness, he said.
Given its early-adopter status, SELinux will spread slowly, Shankar predicted.
Part of the problem has been motivating users to take the time and effort to learn and use SELinux because, typically, IT staffers don't just implement it out of the box but create policies specifically for their requirements, he explained.
As SELinux adoption grows, therefore, the research-and-development challenge is to make it more user-friendly. "As we find issues, we'll fix them," Shanker said. "We have to make it easier for the regular person to use. Once they learn it, they love it."