I can't find any example :( Can you show me some urls? On Monday, June 20, 2016 7:45 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: On 06/20/2016 11:06 AM, Jason Long wrote: > Can you show me some examples for both ? I already pointed you to OpenXT; it is a worked example of both. > On Monday, June 20, 2016 5:13 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > On 06/19/2016 09:15 AM, Jason Long wrote: > >> Hello. >> How can I protect my Xen VM via SElinux? Can you show me some useful examples? > > I'm not entirely sure what you are asking, but possible answers: > > 1. If you want to apply SELinux-like controls over Xen virtual machines > (domains), then you can use Xen Security Modules and the Flask security > module (commonly abbreviated XSM/Flask) to define and enforce a policy > over the hypervisor objects and operations. > > 2. If you want to use SELinux to harden the Xen domain-0 or specific > domUs, you can just enable it in those domains and configure your policy > accordingly. > > If you want a worked example of applying both XSM/Flask and SELinux, > have a look at OpenXT, > http://openxt.org/ > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx. > _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
