Stephen Smalley wrote:
On Wed, 2008-06-11 at 15:53 -0400, max wrote:
I would prefer to get a desktop reference rather than having to refer
to online documents or the hardcopies of individual papers I have
printed off, many of which are also dated. In any case I feel like I
have learned enough that I can open a book on the subject of SELinux and
not get completely lost. It looks like I have basically two options :
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open
Source Software Development Series) by Frank Mayer, Karl MacMillan, and
David Caplan (Paperback - Aug 6, 2006)
SELinux: NSA's Open Source Security Enhanced Linux by Bill McCarty
(Paperback - Oct 11, 2004) - Illustrated
The first is more recent so I am leaning that way but I have seen
opinions that suggest even it is way out of date. I don't mind spending
money on a good book, reading is one of my favorite past times, but I
don't want anything so dated that it won't serve as a decent reference
for the near future (next year or so). I understand nothing is going to
be up to the minute. Should I purchase one? or are they too out of date
to even serve as good references? This is definitely something I am
interested in learning about or I wouldn't bother to ask. Suggestions
and advice from all corners of reality welcome.
What kind of information are you looking for?
The first, more recent, book includes discussion of reference policy and
policy modules and thus is relatively consistent with what you find in
modern SELinux, although newer developments like system-config-selinux,
setroubleshoot, etc naturally don't appear in it. It was written during
the development of Fedora Core 5, which marked the transition of SELinux
from the old way (example policy, monolithic policy) to the new way
(reference policy, modular policy, semanage).
Well I'd like to learn it all but I think a practical approach would
mean learning to write policy first, since that is a skill I could put
to use now. I don't expect it will be easy but that's ok, I have some
time right now and I'd like to learn the policy language. If the first
book covers this then I will get it. Is there a better reference for
aspiring policy writers? I don't care about the gui tools so much, not
that they aren't useful but I prefer to do most things myself and not
automate it since this brings me less understanding.
--
An unwillingness to embarrass oneself makes learning more difficult
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
