The National Security Agency, the government's security arm, along with help from Network Associates, last week announced it has made a security-enhanced version of Linux available for download.
The NSA said it realises that operating system security is necessary and that mainstream operating systems often lack critical security features that could enforce the confidentiality and integrity of network communications. Dubbed Security-Enhanced (SE) Linux, the NSA's version allows programs to have only the slimmest security permissions to run.
SE Linux has a strong, yet flexible, access control architecture incorporated into the kernel to foil tampering and bypassing of security mechanisms. The NSA chose Linux as a platform for this work because of its open environment. SE Linux does not correct any flaws in Linux, but rather serves as an example of how mandatory access controls, including superuser access, can be added to Linux.
With SE Linux, it is possible to configure a system that meets a number of security objectives such as roles-based access.
At present, SE Linux only supports the Intel Corp. x86 platform and has only been tested on Red Hat Inc. Linux.
The release includes documentation and source code. Users can download it from http://www.nsa.gov/selinux/index.html The NSA is at http://www.nsa.gov