SELinux hint

Laurens Blankers laurens.blankers at
Mon Jan 10 08:26:57 PST 2005

Hello all,

I am working on a SELinux enabled system based on LFS 6.0 and am
writing a hint in the process. SELinux is a kernel modification
originally by the NSA which adds fine-grained access control over
processes, files and network sockets. Most of it has been merged in
the 2.6 kernel.

This access control is particularly useful to people running daemons
such as bind, apache and postfix, because it enables them to restrict
these daemons to the absolute minimum permissions even when running as

A very very rough alpha version of this hint is available at:

People that are interested in helping develop this hint and testing it
are very welcome to drop me a line.

My apologises for cross-posting this message to three lists. However
this hint seemed relevant to all three.



More information about the lfs-dev mailing list