• 1

SE Linux and vulnerabilities

I think demonstrating how SE Linux can mitigate existing vulnerabilities is an excellent way to promote the use of SE Linux. It would be great if RedHat could play up the advantage to SE Linux users (and thus the superiority of RHEL as it seems to be the only one shipping with SE Linux enabled) in their security vulnerability alerts or something. I often use the example of the old ssh exploit to explain how SE Linux would have helped because it allows me to explain how least priviledge works, transitions, etc.

Tracy Reed

Case study of SELinux stopping a Mambo exploit

I stumbled on this journal entry while troubleshooting an unrelated Samba problem, and thought you might be interested in an article I wrote for Linux Journal, published in the July 2007 issue:

Mambo Exploit Blocked By SELinux

This shows how SELinux on Red Hat Enterprise Linux 4 stopped a Mambo exploit from executing its payload.

-Richard Bullington-McGuire <rbulling@pkrinternet.com>

Re: Case study of SELinux stopping a Mambo exploit

Yes I am familiar with it. Thanks for the post.

  • 1

Log in