Even if the name sounds like it: SELinux is not a Linux distribution, but a security extension for the Linux kernel; combined with a set of tools for users and administrators. With “Security Enhanced Linux” they get significantly more and better options for controlling access than the classic Unix file permissions offer: On the one hand, access to files can be fine-tuned via SELinux, with other access types in addition to “Read”, “Write” and “Execute”. On the other hand, users can use SELinux to regulate network ports or operating system calls, for example.
Numerous Linux distributions – especially from the Red Hat environment – support SELinux or even pre-install it. Nevertheless, users and administrators often do not use the extension, or even deactivate it to supposedly avoid problems. That’s unfortunate, because SELinux can contain the effects of program errors and security gaps and thus save a lot of trouble – even in cases that can’t be caught with Unix file permissions or only with difficulty.
The c’t workshop “Securing services with SELinux” imparts the necessary knowledge to fully exploit the capabilities of SELinux – and to troubleshoot any problems with it. After all, disabling SELinux means throwing the baby out with the bathwater. Among other things, workshop participants will learn how the “Mandatory Access Control” of SELinux differs from the “Discretionary Access Control” of classic Unix rights; how to use SELinux to secure server services and how to customize SELinux policies for applications.
The workshop is aimed at administrators who can handle a little with the Unix/Linux command line – including an editor such as vi, nano or emacs – and have basic TCP/IP network knowledge under Unix/Linux. The online event will take place on October 18, 2022 from 9 a.m. to 5 p.m. A current browser is sufficient to participate. Early bookers get a 10% discount and thus pay EUR 789.00 for the workshop. Further information on the event and details on how to register can be found on the heise events workshop page. (syt)
To home page