Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Security-Enhanced Linux
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==History== The earliest work directed toward standardizing an approach providing mandatory and discretionary access controls (MAC and DAC) within a UNIX (more precisely, POSIX) computing environment can be attributed to the [[National Security Agency]]'s Trusted UNIX (TRUSIX) Working Group, which met from 1987 to 1991 and published one [[Rainbow Series|Rainbow Book]] (#020A), and produced a formal model and associated evaluation evidence prototype (#020B) that was ultimately unpublished. SELinux was designed to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux. Originally, the patches that make up SELinux had to be explicitly applied to the Linux kernel source; SELinux was merged into the [[Linux kernel mainline]] in the 2.6 series of the Linux kernel. The NSA, the original primary developer of SELinux, released the first version to the [[Open-source software|open source]] development community under the [[GNU GPL]] on December 22, 2000.<ref>Compare {{cite web | url = https://www.nsa.gov/news-features/press-room/press-releases/2001/se-linux.shtml | archive-url = https://web.archive.org/web/20180918025937/https://www.nsa.gov/news-features/press-room/press-releases/2001/se-linux.shtml | archive-date = 2018-09-18 | title = National Security Agency Shares Security Enhancements to Linux | date = 2001-01-02 | work = NSA Press Release | publisher = National Security Agency Central Security Service | location = Fort George G. Meade, Maryland | access-date = 2021-04-21 | quote = The NSA is pleased to announce that it has developed, and is making available to the public, a prototype version of a security-enhanced Linux operating system.}}</ref> The software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include [[Red Hat]], [[Network Associates]], [[Secure Computing Corporation]], Tresys Technology, and Trusted Computer Solutions. Experimental ports of the [[FLASK]]/TE implementation have been made available via the [[TrustedBSD]] Project for the [[FreeBSD]] and [[Darwin (operating system)|Darwin]] operating systems. Security-Enhanced Linux implements the [[FLASK|Flux Advanced Security Kernel]] (FLASK). Such a kernel contains architectural components prototyped in the [[Fluke operating system]]. These provide general support for enforcing many kinds of mandatory access control policies, including those based on the concepts of [[type enforcement]], [[role-based access control]], and [[multilevel security]]. FLASK, in turn, was based on DTOS, a Mach-derived [[Distributed Trusted Operating System]], as well as on Trusted Mach, a research project from [[Trusted Information Systems]] that had an influence on the design and implementation of DTOS.{{Citation needed|date=September 2023}} === Original and external contributors === A comprehensive list of the original and external contributors to SELinux was hosted at the NSA website until maintenance ceased sometime in 2009. The following list reproduces the original as [https://web.archive.org/web/20081018034429/http://www.nsa.gov/selinux/info/contrib.cfm preserved] by the Internet Archive Wayback Machine. The scope of their contributions was listed in the page and has been omitted for brevity, but it can be accessed through the archived copy.<ref>{{cite web |title=Contributors to SELinux |url=http://www.nsa.gov/selinux/info/contrib.cfm|archive-url=https://web.archive.org/web/20081018034429/http://www.nsa.gov/selinux/info/contrib.cfm|archive-date=2008-10-18}}</ref> {{columns-list|colwidth=20em| * [[National Security Agency|The National Security Agency]] (NSA) * [[Network Associates Laboratories]] (NAI Labs) * [[Mitre Corporation|The MITRE Corporation]] * [[Secure Computing Corporation]] (SCC) * Matt Anderson * Ryan Bergauer * Bastian Blank * Thomas Bleher * Joshua Brindle * [[Russell Coker]] * John Dennis * Janak Desai * Ulrich Drepper * Lorenzo Hernandez Garcia-Hierro * Darrel Goeddel * Carsten Grohmann * Steve Grubb * Ivan Gyurdiev * Serge Hallyn * Chad Hanson * Joerg Hoh * Trent Jaeger * Dustin Kirkland * Kaigai Kohei * Paul Krumviede * Joy Latten * Tom London * Karl MacMillan * Brian May * Frank Mayer * Todd Miller * Roland McGrath * Paul Moore * James Morris * Yuichi Nakamura * Greg Norris * Eric Paris * Chris PeBenito * [[Red Hat]] * Petre Rodan * Shaun Savage * Chad Sellers * Rogelio Serrano Jr. * Justin Smith * Manoj Srivastava * Tresys Technology * Michael Thompson * Trusted Computer Solutions * Tom Vogt * Reino Wallin * Dan Walsh * Colin Walters * Mark Westerman * David A. Wheeler * Venkat Yekkirala * Catherine Zhang }}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)