|
This may sound like an odd request, but I am currently
working on my master’s thesis on the topic of SELinux integration into
the workplace. Part of the analysis involves testing the security containment
capabilities of SELinux; i.e., making sure that SELinux functions as advertised
when dealing with events of escalating privilege. Does anyone on this list have
any recommendations on scripts or programs which can test these capabilities?
My test platforms are Fedora Core 3 (once released) and Red Hat Enterprise
Linux v4.0 Beta 1. My current thinking would be to downgrade certain packages
(httpd, etc) to a known vulnerable state and test, but would like to know how
the members on the list test their systems. Any help would be appreciated. I
can be reached at ackermal at jmu dot edu or alex at darkhonor dot com if you
would like to discuss this off-list. Thank you for any assistance. Alex Ackerman |
