[Infowarrior] - NSA releases new version of Linux software
Richard Forno
rforno at infowarrior.org
Tue Apr 8 19:25:42 UTC 2008
NSA releases new version of Linux software
Published: March 24, 2008 at 11:13 AM
http://www.upi.com/International_Security/Emerging_Threats/Briefing/2008/03/
24/nsa_releases_new_version_of_linux_software/9918/
WASHINGTON, March 24 (UPI) -- The U.S. National Security Agency has released
its own version of the open-source computer operating system Linux, which
offers enhanced security for users.
The new software was rolled out earlier this month to an e-mail list for
users of Linux -- an operating system that many experts believe provides a
more secure alternative to the ubiquitous Microsoft Windows. Linux is
open-source, which means the core code is available to programmers to
improve, as the NSA has done with its latest version of the so-called
Security-Enhanced Linux, or SELinux.
The version provides what experts call Mandatory Access Control, which
essentially limits the kind of instructions that software packages and users
can issue to the computer, helping guard against hackers compromising it.
MAC "confine(s) user programs and system servers to the minimum amount of
privilege they require to do their jobs," says the agency on its Web site.
"This work is not intended as a complete security solution," said the agency
in a March 5 statement about the latest update. "It is simply an example of
how mandatory access controls that can confine the actions of any process,
including an administrator process, can be added into a system."
The agency added the security features of the system were limited. "The
focus of this work has not been on system assurance or other security
features such as security auditing, although these elements are also
important for a secure system."
The release was first reported by Government Computer News. The NSA has been
working on SELinux since 2000, and it has been available to Linux users
since 2003.
The NSA is also pushing for MAC to be made an option for Internet servers
using the Network File System protocol, according to the Dark Reading IT
security Web site.
The site said the proposal was discussed at a meeting of the Internet
Engineering Task Force in Philadelphia earlier this month.
© 2008 United Press International. All Rights Reserved.
More information about the Infowarrior
mailing list