by REJY M CYRIAC (@rejy) on Wednesday, 26 March 2014

+15
Vote on this proposal
Status: Submitted
Section
Workshops

Technical level
Intermediate

Objective

Provide knowledge to SysAdmins/DevOps , on how to develop new SELinux policy modules, and thereby protect additional services.
The session is also aimed to encourage SysAdmins/DevOps to contribute to building the SELinux policy for wider use and acceptance.

Description

Most well known services are protected either by the SELinux base policy, or through default shipped policy modules. But many less know services, or custom services, may currently not fall under complete SELinux protection.

The objective of the session is to provide knowledge to SysAdmins/DevOps , on how to develop new SELinux policy modules, and thereby protect additional services. The session is also aimed to encourage SysAdmins/DevOps to contribute to building the SELinux policy for wider use and acceptance.

This session will consist of
Examine current SELinux policy rules Analyze SELinux logs Discuss SELinux policy module syntax Use SELinux policy macros * Tools to make SELinux policy module building easier

Requirements

Familiarity with using the Linux command line
Knowledge about SELinux basics
Pledge to never disable SELinux ;-)

Speaker bio

Working at Red Hat, Bangalore - Engineering - Quality Engineering
User and Evangelist of SELinux for over 8 years
Have trained and assisted SysAdmins/DevOps to use SELinux on servers
Passionate about Open Source

Red Hat Certified Architect
Red Hat Certified Data Center Specialist
Red Hat Certified Security Specialist

Comments

  • 1
    [-] Ajey Gore (@ajeygore) 3 years ago

    This is good proposal, only thing which I would want to know as audience - why would I choose to enable SELinux.

    SELinux has been one of the those areas where people just disable it make it targetted and ignore.

    Ajey

Login with Twitter or Google to leave a comment