What does Security-enhanced Linux give me that standard Linux can’t?


The Security-enhanced Linux kernel enforces mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs. When confined in this way, the ability of these user programs and system daemons to cause harm when compromised (via buffer overflows or misconfigurations, for example) is reduced or eliminated. This confinement mechanism operates independently of the traditional Linux access control mechanisms. It has no concept of a “root” super-user, and does not share the well-known shortcomings of the traditional Linux security mechanisms (such as a dependence on setuid/setgid binaries).

The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on the Security-enhanced Linux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole.
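The following is an added example, not part of the original answer and not kernel code: a simplified Python model of the two independent checks described above. The policy text, the `Process` and `File` classes and the function names are constructed for illustration; only the `allow` rule syntax follows SELinux policy language.

```python
import re
from dataclasses import dataclass

# Constructed policy in SELinux "allow" rule syntax; not a real system policy.
POLICY = """
allow httpd_t httpd_sys_content_t:file { read getattr };
allow httpd_t httpd_log_t:file { append getattr };
allow passwd_t shadow_t:file { read write getattr };
"""
RULE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+\{([^}]*)\}\s*;")

def parse_policy(text):
    """Return {(domain, file_type, object_class): set_of_permissions}."""
    rules = {}
    for dom, typ, cls, perms in RULE.findall(text):
        rules.setdefault((dom, typ, cls), set()).update(perms.split())
    return rules

@dataclass
class Process:
    uid: int
    domain: str    # SELinux type (domain) the process runs in

@dataclass
class File:
    owner: int
    mode: int      # traditional permission bits, e.g. 0o600
    ftype: str     # SELinux type assigned to the file

def dac_allows(p, f, perm):
    """Simplified traditional check: uid 0 bypasses the mode bits."""
    if p.uid == 0:
        return True
    bit = {"read": 4, "write": 2, "append": 2}[perm]
    shift = 6 if p.uid == f.owner else 0   # owner bits, else "other" bits
    return bool((f.mode >> shift) & bit)

def mac_allows(rules, p, f, perm):
    """Type enforcement: default deny, and the uid is never consulted."""
    return perm in rules.get((p.domain, f.ftype, "file"), set())

def access(rules, p, f, perm):
    """An access succeeds only if both mechanisms permit it."""
    return dac_allows(p, f, perm) and mac_allows(rules, p, f, perm)

if __name__ == "__main__":
    rules = parse_policy(POLICY)
    httpd = Process(uid=0, domain="httpd_t")           # web server running as root
    shadow = File(owner=0, mode=0o600, ftype="shadow_t")
    print("DAC alone:", dac_allows(httpd, shadow, "read"))
    print("DAC + MAC:", access(rules, httpd, shadow, "read"))
```

In this model a web server running as uid 0 passes the traditional check on the `shadow_t` file but is still refused, because no rule grants `httpd_t` access to that type.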


