Can you show me some examples for both ? On Monday, June 20, 2016 5:13 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: On 06/19/2016 09:15 AM, Jason Long wrote: > Hello. > How can I protect my Xen VM via SElinux? Can you show me some useful examples? I'm not entirely sure what you are asking, but possible answers: 1. If you want to apply SELinux-like controls over Xen virtual machines (domains), then you can use Xen Security Modules and the Flask security module (commonly abbreviated XSM/Flask) to define and enforce a policy over the hypervisor objects and operations. 2. If you want to use SELinux to harden the Xen domain-0 or specific domUs, you can just enable it in those domains and configure your policy accordingly. If you want a worked example of applying both XSM/Flask and SELinux, have a look at OpenXT, http://openxt.org/ _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
