SELinux Cookbook: Over 70 hands-on recipes to develop fully functional policies to confine your applications and users using SELinux

Sven Vermeulen

$19.99 per month

4.3 (7 Ratings)

Paperback Sep 2014 240 pages 1st Edition

Sven Vermeulen

$19.99 per month

4.3 (7 Ratings)

Paperback Sep 2014 240 pages 1st Edition

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

View table of contents

Preview Book

Description

If you are a Linux system administrator or a Linux-based service administrator and want to fine-tune SELinux to implement a supported, mature, and proven access control system, then this book is for you. Basic experience with SELinux enabled distributions is expected.

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Frequently bought together

$48.99

$65.99

$36.99

Total $ 151.97

Filter reviews by

All

Amazon verified reviews

Kindle Customer Mar 16, 2015

I have been using Fedora Linux for years now. And the first thing that I've always done is disable SELinux. Thanks to this book, I am now running Fedora "properly" with SELinux in full enforcement mode with no problems. The book explained what was going on and how to address the various problems that I had been having. Excellent!

Amazon Verified review

Steven A. Falco Jan 18, 2015

For a long time I avoided SELinux. It was too complicated and too poorly documented; so I just disabled it on my computers. Yet, I was always uncomfortable that I was leaving my systems open to being hacked. Along comes the "SELinux Cookbook", and I finally have enough info to use SELinux effectively. The book covers a number of topics: First, it helps set up some tools for building SELinux modules as well as examining the default configuration provided by the Operating System. It then goes on to provide techniques for securing Web servers, applications, and entire server systems. It has an excellent chapter on debugging SELinux problems that helped me determine if SELinux was actually at fault. (In some cases, other subsystems like firewalls might be at fault - you need to determine that before wasting time looking in the wrong place for a problem).One thing I particularly like about this book is that it clearly states the "why" behind the various examples. Too often, a book will say "do this" and leave me wondering "why? " That is not the case here - the author always explains how to do something , and then follows up with a justification for the given solution. In many of the examples, there is additional information describing limitations within SELinux. That is a big help; there is no point to trying to make the tools do something they cannot do.Altogether I am happy to have found this book. Any time I can learn something new, it is a good day. :-)

ML Feb 18, 2015

What it is SE Linux ?, the main meaning of SE Linux is (extracted from Wikipedia) : “ is a Linux kernel security module that provides a mechanism for supporting access control security policies. SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement.”So it is clear that SE Linux is not a linux distribution but it is a kernel module that provides mechanism over access of linux security policies. Now Packt Publishing is offering a new cookbook based on SE Linux for those experienced Linux system administrators and security administrators who wants to improve their knowledge or how to add more security for their linux systems and server.However the book is written based on Gentoo Linux (which is not really important, because this book is independent of linux distritbutions). The book focus on the structure and the reusable policy inside SE Linux and you will be able to create your first set of SE Linux module policy that will be integrated with the existing SELinux policies.The main topics of the book are (this are the chapters of the book):Get knowledge SE Linux Development Environment.Working with File Labels.Connifing Web Applications.Creating Server Policies.Setting up Separate Roles.Choosing theConnifing Levels.Debugging SELinux.Alligning SELinux with DAC.Handling SELinux-Aware Applications.One important point of view, you should have experience in Linux system administration, SELinux policy development and integration that requires good knowledge of the components how to confine and protect. You should have experience with Git version control system as an end user and also basic knowledge of how SELinux works on a system.A real practical book for those who wants to have deep experience on SE Linux system and how to add more secure policies in your linux servers!.

CNC guy Feb 09, 2015

This is a great place to start if you don't know anything about SELinux. I must confess that although I have used Linux since the days when you had to boot it from a floppy disk, I have very little experience with SELinux, however. SELinux has always been kind of mysterious for me. No more after reading this book.

Matteo Jan 21, 2015

This book provides a simple(relative to SElinux) rulebook to create and evaluate SElinux rulesets so that you can harden or evaluate your linux server security. If you never touched SElinux before, chances are that you will find that book complex beyond reason, keep some references/documentation within reach and, more importantly, try "breaking stuff" with some test VMs so you will understand what you are typing/executing(don't do it on a production server as borked SElinux rules can and will bring it down hard :)).

SELinux Cookbook: Over 70 hands-on recipes to develop fully functional policies to confine your applications and users using SELinux

What do you get with a Packt Subscription?