Security-Enhanced Linux - Second Public Version released by NSA
The National Security Agency (NSA) has released its second public version of the Security Enhanced Linux operating system. Although still in prototype, the Linux Security Modules based OS is designed to be an almost uncrackable development of the open source platform, which can be confidently used for "certain sensitive or classified applications and environments".
The agency has been working on the Security Enhanced implementation since February this year, and released the first public prototype in May. Features of the second release include a number of bug fixes, as well as a kernel update to the more recent 2.4.10 Linux kernel. Other modifications were made at the core of the operating system...
Secure Linux hits the shelves
By James Middleton, vnunet.com
According to the NSA: "This version of Linux has a strong, flexible mandatory access control architecture incorporated into the major subsystems of the kernel. The system provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements. This allows threats of tampering and bypassing of application security mechanisms to be addressed, and enables the confinement of damage that can be caused by malicious or flawed applications."
The project was started when the NSA decided that existing mainstream operating systems lacked the critical security feature required for enforcing separation - mandatory access control.
"As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security," the organisation said.
