On Sun, Sep 27, 2009 at 9:53 PM, Dominick Grift <domg472@xxxxxxxxx> wrote:
Hello,On Sun, Sep 27, 2009 at 07:25:05PM +0100, Zbynek Houska wrote:
> All,
>
> I'm about to embark on a SELinux related final year project for BSc (Hons)
> in IT this semester. My goal is to learn SELinux well, compare to other
> (Linux) security projects, demystify it / demonstrate its pros and cons...
> I would like to do a thorough research on exploit / attack mitigation with
> SELinux as per Tresys website (http://www.tresys.com/innovation.php) and
> write a few (new) policies for software of my choice. I intend to use
> honeypots running Fedora 11 as my base system. However, I'm not sure if
> college class B network will produce conclusive results.
>
> Thus, I would appreciate support, guidance and comments from (seasoned)
> SELinux gurus, developers and practitioners on this list in order to point
> me in the right direction when it comes to sourcing literature, white
> papers, research work other people might already have conducted and
> overcoming pitfalls related to such testing environments.
Hi Dominick,
Here is a list with links to SELinux resources.
http://selinuxproject.org/page/User_Resources
You have already found the right mailing lists (except Tresys refpolicy list). I Recommend that you also bookmark and study the list Archives:
https://www.redhat.com/archives/fedora-selinux-list/
http://oss.tresys.com/pipermail/refpolicy/
http://marc.info/?l=selinux&r=1&w=2
Oh, sure I always try to go through archives.
Also have a look at this presentation:
http://people.redhat.com/dwalsh/SELinux/Presentations/ManageRHEL5.pdf
This book:
http://www.selinuxbyexample.com/
These:
http://docs.fedoraproject.org/selinux-user-guide/f11/en-US/
http://docs.fedoraproject.org/selinux-managing-confined-services-guide/en-US/F11/html/
And this:
http://www.nsa.gov/research/selinux/
Thanks a lot for all links you have put up together for me. I believe I already have some of them, if not all of them. I was wondering if there is some academic research into SELinux (other than Flux / Flask) as other resources / references might be deemed as unsubstantiated.
hth
Thanks,
Zbynek
>
> Kind regards,
>
> Zbynek
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list