On Mon, Jan 10, 2011 at 08:44:06AM -0500, Chris PeBenito wrote:
> On 1/6/2011 5:32 PM, Sven Vermeulen wrote:
> > I've been working on bringing the SELinux handbook as currently available on
> > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml more
> > up2date. It's somewhat of a rewrite, but with all elements of the original
> > SELinux handbook still inside it (apart from the troubleshooting as I guess
> > those are quite outdated, being from 2006 and older).
>
> The troubleshooting is not outdated, though there could be a few additions.
Yup, Chris Richards already mentioned that. It should be available in the
current draft already.
> I looked through section 1 and 2 of the pdf version, and here are my
> notes so far:
Thanks for the feedback, really appreciated. I've incorporated most (if not
all) of your comments.
> 1.2.2 I don't understand the point of this section
[... Section on OS Security ...]
> 1.2.3 I'd say this is not appropriate for this document.
[... Section on security best practices ...]
I wanted to give some pointers to the readers how they should position
SELinux within security. Using SELinux isn't effective if other aspects of a
secure system aren't looked at.
The reason I put that in the first part was because it shouldn't be
described further (users that are interested should then start looking for
other resources), but (imho) gives users the impression where they
should position SELinux within their own security strategy.
I've commented out the two sections for now.
Again, thanks for the feedback!
Wkr,
Sven Vermeulen
